Hello Mailman developers,
I was planning to write a pgp-encryption plugin for Mailman 3 that manages one keypair per list and pubkeys of the subscribers. I'm considering doing it as my first-time Google Summer of Code project.
I have read the GSoC 2016 rules and the Mailman wiki GSoC 2016 pages. I will try to work myself more into the mailman-core sources over the next few days and try to make an improvement (e.g. a bugfix).
About me: I have been studying computer science in Germany for two and a half years. I have sent patches to some libre, mainly C and C++, projects. I have only minor experience in Python but I'm used to learning by reading documentation and sources. Feel free to mail me if you have questions.
The Project Idea: Encrypted mailing lists have been a much-requested feature in mailman 2 and I would like to run some encrypted mailing lists myself. There is no stable pgp-aware mailserver at this time but there has been an unstable patch for mailman 2.1.51 and some other unstable encrypted list servers 2). This project could also help to evaluate the Mailman 3 plugin system.
Some features could be:
1. Automatic pubkey collection from inbound mail
2. Outbound mail encryption and signature validation
3. Automatic keypair generation for pgp-aware lists
4. Inbound mail decryption and outbound mail signature
5. A mail interface for organizing the encrypted lists, subscribers' public keys and trust levels
6. A web interface
7. PGP information in the messages (e.g. was the incoming mail signed by a trusted subscriber?)
8. Optionally forced encryption (such a list never sends mail to an address to which it can't encrypt with a pubkey that has a certain level of trust and/or won't accept inbound mail in plaintext)
9. Optionally forced signature (inbound mail to the list has to be signed with a key that has a certain level of trust in order to be published)
10. pgp-aware command system (e.g. optionally only accept admin mail commands from signature-verified mail admins)
Features 1.-5. are essential.
Thoughts on Implementation: pygpgme could be used for encryption which might easily enable S/MIME as well. Keys could be stored in the filesystem or in databases using SQLAlchemy. The encryption step could be implemented as a pipeline.
Encrypted lists in mailman would be great. I think I can implement the plugin myself, but I will need help to ensure the reliability and security of the plugin.
What are your thoughts on pgp in Mailman 3?
Is this a suitable project for the Google Summer of Code 2016? Would anyone be interested in becoming my mentor for this project?
Thank you, Jonas
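
The optional forced-encryption and forced-signature rules from the feature list, sketched as an added example that is not part of the original mail and not Mailman code. Every name, the three-step trust scale, the plaintext fallback when encryption is not forced, and the sample subscribers are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional

class Trust(IntEnum):            # hypothetical scale, not GnuPG's or Mailman's
    UNKNOWN = 0
    MARGINAL = 1
    FULL = 2

@dataclass
class Subscriber:                # hypothetical record kept per list member
    address: str
    key_fpr: Optional[str]       # None: no pubkey collected yet
    trust: Trust = Trust.UNKNOWN

@dataclass
class ListPolicy:
    force_encryption: bool = False
    force_signature: bool = False
    min_trust: Trust = Trust.MARGINAL

def plan_outbound(subs, policy):
    """Split subscribers into (encrypted, plaintext, withheld) address lists."""
    encrypted, plaintext, withheld = [], [], []
    for s in subs:
        if s.key_fpr is not None and s.trust >= policy.min_trust:
            encrypted.append(s.address)
        elif policy.force_encryption:
            withheld.append(s.address)   # fail closed: no plaintext fallback
        else:
            plaintext.append(s.address)  # assumed behaviour for unforced lists
    return encrypted, plaintext, withheld

def accept_inbound(was_encrypted, signer_fpr, subs, policy):
    """signer_fpr: fingerprint of a verified signature, None if unsigned/invalid."""
    if policy.force_encryption and not was_encrypted:
        return False, "plaintext rejected"
    if policy.force_signature:
        # Guard on signer_fpr so an unsigned mail never matches a keyless subscriber.
        signer = next((s for s in subs if signer_fpr and s.key_fpr == signer_fpr), None)
        if signer is None:
            return False, "no valid signature from a known key"
        if signer.trust < policy.min_trust:
            return False, "signing key below required trust"
    return True, "ok"

# Constructed sample subscribers; the fingerprints are placeholders.
SAMPLE = [Subscriber("a@example.org", "FPR-A", Trust.FULL),
          Subscriber("b@example.org", "FPR-B", Trust.UNKNOWN),
          Subscriber("c@example.org", None)]
```
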