Re: [Mailman-Developers] GSOC Project idea: OpenPGP integration
On 04/06/2013 06:53 PM, Paul Wise wrote:
On Sun, Apr 7, 2013 at 5:19 AM, Abhilash Raj wrote:
I am an undergrad student interested in OpenPGP integration in mailman as a GSOC project this summer.
neat, i'm glad to hear it!
I'm not sure about the scope of your project but you may want to review some prior efforts:
http://schleuder2.nadir.org/ http://www.synacklabs.net/projects/crypt-ml/
see also:
http://non-gnu.uvt.nl/mailman-pgp-smime/ http://sels.ncsa.illinois.edu/
My pet favourite feature from the lurker mail archiver is showing photos from OpenPGP keys in the archive pages.
:)
there are a lot of different ways that you might try to integrate message encryption, message signing, etc into a mailing list. There are also a lot of ways to make it easy for users and administrators to shoot themselves in the foot with this stuff; and even seasoned system administrators with years of crypto background can get it wrong. :(
If i were you, Abhilash, i would start by trying to write up a concise statement about what specific enhancement you want to make from an end-user perspective, and what threat model your enhancement addresses.
here are three (very different) starting points as examples:
A) I want to make it so that only correctly-signed messages will be redistributed to the list.
B) I want to make it so that no one but the list subscribers will be able to view the content of messages sent to the list.
C) I don't want the identities of anyone subscribed to the mailing list to be known to anyone but the other subscribers.
There are layers of nuance to resolve with each of those goals. i had a hard time keeping them that short because of all the exceptions and questions they raised in my head when i wrote them (Hint: i'm not convinced that either of them is actually well-defined enough to even be considered possible), but some form of either of them might be possible if you make them more precise.
Can you try defining what sort of feature you'd like to see implemented?
Also, key management is likely to be a large part of any project like this. Have you thought about how a keyring for a mailing list should be handled?
Regards,
--dkg
Thanks all for replying.
On Sun, Apr 7, 2013 at 4:47 AM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
On 04/06/2013 06:53 PM, Paul Wise wrote:
On Sun, Apr 7, 2013 at 5:19 AM, Abhilash Raj wrote:
I am an undergrad student interested in OpenPGP integration in mailman as a GSOC project this summer.
neat, i'm glad to hear it!
I'm not sure about the scope of your project but you may want to review some prior efforts:
http://schleuder2.nadir.org/ http://www.synacklabs.net/projects/crypt-ml/
see also:
http://non-gnu.uvt.nl/mailman-pgp-smime/ http://sels.ncsa.illinois.edu/
My pet favourite feature from the lurker mail archiver is showing photos from OpenPGP keys in the archive pages.
Thanks for these links. I am currently going through these projects to figure out the implementation part of the OpenPGP into mailman. Also trying to use the mailman-pgp-smime patch to figure out how it is implemented.
:)
there are a lot of different ways that you might try to integrate message encryption, message signing, etc into a mailing list. There are also a lot of ways to make it easy for users and administrators to shoot themselves in the foot with this stuff; and even seasoned system administrators with years of crypto background can get it wrong. :(
If i were you, Abhilash, i would start by trying to write up a concise statement about what specific enhancement you want to make from an end-user perspective, and what threat model your enhancement addresses.
here are three (very different) starting points as examples:
A) I want to make it so that only correctly-signed messages will be redistributed to the list.
B) I want to make it so that no one but the list subscribers will be able to view the content of messages sent to the list.
C) I don't want the identities of anyone subscribed to the mailing list to be known to anyone but the other subscribers.
There are layers of nuance to resolve with each of those goals. i had a hard time keeping them that short because of all the exceptions and questions they raised in my head when i wrote them (Hint: i'm not convinced that either of them is actually well-defined enough to even be considered possible), but some form of either of them might be possible if you make them more precise.
Can you try defining what sort of feature you'd like to see implemented?
Well what i want to make it is that whenever a user sends a mail to the list it should be signed with his private key so that it can be verified against his public key that he uploads if he wants permissions to post in the list. As the message is received by mailman its signature is verified and then it's encrypted and sent to each person, wherein those who haven't uploaded their key will also receive an unencrypted copy (with a probability that it may not be intended for them or not authentic mail).
I also agree that I am new to cryptography so I cannot comment/assure about the implementation of this idea. But with your help I think I would be able to implement the best possible version of this idea.
Also, key management is likely to be a large part of any project like this. Have you thought about how a keyring for a mailing list should be handled?
Yes, this was on the top of my mind while trying to attempt this project. I learned about key-servers. I think we could set up one wherein all the public keys would be stored that are uploaded by users and retrieved when needed.
Regards,
--dkg
Thanks!
Abhilash Raj
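
The flow described in the message above (check the poster's signature against the key they uploaded, then encrypt per subscriber, with a plaintext copy for subscribers who have no key), as an added example that is not part of the original thread or of Mailman's code. It assumes the OpenPGP verification itself is done by a real implementation and handed in as `SigResult`; every name, address and fingerprint below is hypothetical or constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SigResult:
    """Outcome of an OpenPGP verification performed elsewhere (hypothetical type)."""
    valid: bool
    fingerprint: str  # fingerprint of the signing key, "" if the mail was unsigned

def norm(fpr):
    """Normalise a fingerprint so spacing and case do not affect comparison."""
    return "".join(fpr.split()).upper()

def plan_delivery(sender, sig, keyring, subscribers):
    """Return (decision, encrypted_to, plaintext_to) for one incoming post.

    keyring maps a lower-case address to the fingerprint that address uploaded.
    """
    uploaded = keyring.get(sender.lower())
    if uploaded is None:
        return ("hold: sender has no uploaded key", [], [])
    if not sig.valid:
        return ("hold: missing or bad signature", [], [])
    # A valid signature alone is not enough: it must come from the key bound
    # to this sender, otherwise any key holder could post as someone else.
    if norm(sig.fingerprint) != norm(uploaded):
        return ("hold: signed by a key not registered to sender", [], [])
    encrypted = sorted(a for a in subscribers if a in keyring)
    # These recipients get the post in the clear, so list traffic is only as
    # confidential as this set allows.
    plaintext = sorted(a for a in subscribers if a not in keyring)
    return ("accept", encrypted, plaintext)

# Constructed sample data (not real keys or addresses).
ALICE_FPR = "AAAA1111AAAA1111AAAA1111AAAA1111AAAA1111"
BOB_FPR = "BBBB2222BBBB2222BBBB2222BBBB2222BBBB2222"
KEYRING = {"alice@example.org": ALICE_FPR, "bob@example.org": BOB_FPR}
SUBSCRIBERS = ["carol@example.org", "bob@example.org", "alice@example.org"]

if __name__ == "__main__":
    sig = SigResult(True, "aaaa 1111 aaaa 1111 aaaa 1111 aaaa 1111 aaaa 1111")
    print(plan_delivery("Alice@example.org", sig, KEYRING, SUBSCRIBERS))
```
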