On 2014-06-14 10:47, Sylvain Viart wrote:
> > > This thread is a continuation of this one: https://mail.python.org/pipermail/mailman-developers/2011-May/021377.html .
> > > I found this page yesterday, as we were doing a key signing party…
> > > http://security.stackexchange.com/questions/26544/gpg-encrypted-mailing-list...
> > You are speaking about "2. Do a relay.", right?
> Yes, except we don't want to use the mailing list maintainer keys, or make him manually decrypt/encrypt every message. This should be done automatically by Mailman, and we want to use the mailing list keypair.
This could be customized. For example, see "new list settings" here: https://bugs.launchpad.net/mailman/+bug/558189 . This scheme could be made quite flexible. For example, sending messages encrypted with some people's keys (but not the list key) could also be allowed, thus alleviating the problem of the list maintainer being able to inspect (and possibly block) every message.
Anyway, it is crucial that the original signatures are retained, IMHO. Not sure what the problems with double-signed messages would be, but ideally Mailman would add its own signature, too.
Also, the technical messages to/from Mailman (like the monthly ML password, or ML commands) should also be encrypted and/or signed.
-- 
http://people.eisenbits.com/~stf/
http://www.eisenbits.com/
OpenPGP: 80FC 1824 2EA4 9223 A986 DB4E 934E FEA0 F492 A63B
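The relay flow the thread is discussing (sender signs and encrypts to the list key; Mailman decrypts with the list key, keeps the sender's signature intact, adds its own signature, and re-encrypts one copy per subscriber), as an added illustration that is not code from the thread or from Mailman. It deliberately replaces OpenPGP with stdlib stand-ins so it runs offline: HMAC-SHA256 plays the role of a signature and an HMAC-derived XOR keystream plays the role of encryption, so every "keypair" is just a constructed shared secret. The subscriber names, keys and message are constructed for the example.

```python
"""Toy model of the "2. Do a relay" scheme for an encrypted mailing list.

Constructed example: HMAC-SHA256 stands in for OpenPGP signatures and an
HMAC-derived XOR keystream stands in for OpenPGP encryption, so every
"keypair" below is just a shared secret. This keeps the flow runnable
offline; it is NOT usable cryptography.
"""
import hashlib
import hmac
import json
import os

# Constructed keys: one per subscriber plus the list's own key, which lives on
# the Mailman host so nobody has to decrypt/encrypt every message by hand.
KEYS = {
    "alice": b"alice-secret",
    "bob": b"bob-secret",
    "carol": b"carol-secret",
    "list": b"list-secret",
}
SUBSCRIBERS = {"alice", "bob", "carol"}


def sign(key: bytes, data: bytes) -> str:
    """Stand-in for an OpenPGP signature over `data`."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify(key: bytes, data: bytes, sig: str) -> bool:
    return hmac.compare_digest(sign(key, data), sig)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> dict:
    """Stand-in for OpenPGP encryption to a single key."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return {"nonce": nonce.hex(), "ct": ct.hex()}


def decrypt(key: bytes, blob: dict) -> bytes:
    nonce, ct = bytes.fromhex(blob["nonce"]), bytes.fromhex(blob["ct"])
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def compose(sender: str, body: str) -> dict:
    """Subscriber side: sign the body, then encrypt the signed message to the list key."""
    inner = {"from": sender, "body": body, "sig": sign(KEYS[sender], body.encode())}
    return {"to": "list", "payload": encrypt(KEYS["list"], json.dumps(inner).encode())}


def relay(msg: dict) -> dict:
    """Mailman side: decrypt with the list key, check the sender's signature,
    keep that signature untouched, add the list's own signature on top, and
    re-encrypt one copy per subscriber. Returns {recipient: outgoing message}."""
    inner = json.loads(decrypt(KEYS["list"], msg["payload"]))
    sender = inner["from"]
    if sender not in SUBSCRIBERS or not verify(KEYS[sender], inner["body"].encode(), inner["sig"]):
        raise ValueError("rejected: unknown sender or bad sender signature")
    inner_bytes = json.dumps(inner, sort_keys=True).encode()  # original signature travels inside
    list_sig = sign(KEYS["list"], inner_bytes)               # second (outer) signature by the list
    return {
        r: {"to": r, "list_sig": list_sig, "payload": encrypt(KEYS[r], inner_bytes)}
        for r in SUBSCRIBERS
    }


def receive(recipient: str, msg: dict) -> dict:
    """Subscriber side: both signatures must verify before the body is trusted."""
    inner_bytes = decrypt(KEYS[recipient], msg["payload"])
    if not verify(KEYS["list"], inner_bytes, msg["list_sig"]):
        raise ValueError("rejected: bad list signature")
    inner = json.loads(inner_bytes)
    if not verify(KEYS[inner["from"]], inner["body"].encode(), inner["sig"]):
        raise ValueError("rejected: bad sender signature")
    return inner


if __name__ == "__main__":
    for who, out in relay(compose("alice", "meeting moved to 10:00")).items():
        print(who, "<-", receive(who, out)["body"])
```

The point the thread raises is visible in `relay()`: the list host necessarily sees the plaintext (it has to, in order to re-encrypt per subscriber), which is why the maintainer-can-inspect concern exists, and the sender's signature survives untouched inside the re-encrypted copy while the list's own signature is layered outside it, which is what "double-signed" means here. Swapping the stand-ins for real OpenPGP calls would not change the shape of the flow.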