All of these proposals overlook significant known, current threats -- none of which they're capable of addressing, but some of which badly undercut the suggested approaches.
To list just one of those -- albeit a rather prominent one -- the Internet's population of hijacked systems (aka bots or zombies) continues to grow. This has been a growing problem for the last 15 years, e.g.:
Vint Cerf: one quarter of all computers part of a botnet
http://arstechnica.com/news.ars/post/20070125-8707.htmlI have studied this issue extensively since 2002 and while I initially thought Cerf's estimate a bit high, further study and retropection suggests that it was probably about right. Extrapolating to the present day, one-quarter is probably still about right -- but of course the system population has grown massively in the interim.
The problem has recently been badly exacerbated by the rapid deployment of IoT devices whose security ranges between "laughable" and "non-existent". These in turn are quickly being utilized to compromise other systems. The problem is also being badly exacerbated by various governments and organized criminal operations which are developing, acquiring, and deploying zero-days as fast as they possibly can. And it's being further exacerbated by the increasingly sophisticated attacks conducted by less prominent and well-resourced adversaries; to put it another way, the average attacker now has access to means and methods far beyond what they had a decade ago. I rather suspect that "one quarter" will become "one third" in the next few years.
What all of this means is that once a list passes N members, where we can debate about N, the probability that at least one of those members has already been compromised even before they've joined the list starts rapidly increasing. Of course other factors may mitigate this: if all N members use exclusively open-source software, do not use freemail providers, do not use smartphones or IoT devices, etc., then the probability that one of them is compromised diminishes. (Worth noting that in a list constituted like this, encryption offers little additional security value, since its members are already doing the things most likely to avoid being compromised.) If on the other hand, some of the list members are using worst practices, then the probability that at least one is compromised will increase.
As I said, we can debate N -- and we can debate the probability. What is not open to debate is that this is real and significant. Very long experience running mailing lists and observing partial bot-generated activity from members strongly suggests, to give just one data point, that once N reaches "a few hundred" the probability approaches unity. However, I must emphasize that the word "partial" means that this is a significant UNDER-observation -- it's very clear that there is bot-generated activity I'm missing. Rather a lot of it, actually. So "a few hundred" is probably a highly optimistic estimate for N and its true value is probably much lower.
So even if the encryption works perfectly (which it won't) and it's deployed perfectly (which it won't be) and it's usable by everyone (which it won't be) and it plays nice with policies like attachment removal, signature removal, boilerplate addition, etc. (which it won't) and the encryption algorithm is perfect (which it won't be) and the encryption implementation is perfect (which it won't be) and all of this rather complex machinery works perfectly...it will all be rendered moot the moment one list member's system is compromised.
In other words, what you propose to build here is an extremely brittle system that's subject to total failure if even just a single endpoint fails. And there are *hundreds of millions* of endpoints that have already failed.
Thus, even assuming that the systems of encrypted-list members aren't specifically targeted, there is an uncomfortably high probability that the messages traversing it will be pre-compromised from the start.
And of course if those systems *are* specifically targeted, which of course is likely for people with use cases that suggest encrypted mailing lists, then the threat models changes and no longer consists of the normal level of attacks that all systems are subject to, but includes an elevated level of attacks that will target them in particular.
I think that this is an instance where a huge amount of well-intended design and development effort will result in a "solution" that cannot provide what it intends to because underlying circumstances prevent it. And -- having studied those underlying circumstances for a long time -- I can sadly report that the problem is getting worse and will continue to get worse, because (a) all of the various factors contributing to it are also getting worse and (b) there are no reasons for anyone to significantly invest in making it better.
---rsk