-------- Original Message --------
Subject: Re: [Mailman-Developers] GSoC Updates
Date: Fri, 16 Aug 2013 11:48:56 +0530
From: Abhilash Raj <raj.abhilash1@gmail.com>
To: Stephen J. Turnbull <stephen@xemacs.org>
On Friday 16 August 2013 10:35 AM, Stephen J. Turnbull wrote:
Abhilash Raj writes:
- How do list owner create keys? What parameters? Which address?
python-gnupg provides a key-generation API, GPG.gen_key().
Alternatively, this could be done manually by the trusted
site-manager. The web UI would have to run over SSL, presumably
HTTPS.
But can we achieve required randomization to create keys on virtualized
systems? This was the reason it was suggested before that keys are
uploaded by the site owners when they create new lists.
I think the address should be $LIST-owner@fqdn. For other parameters,
defaults are OK I think (size=2048, type=RSA IIRC).
About the address I think owner can create a key using posting
address with a min key length of 1024? or else mailman rejects the
key? MD5 hash should be discouraged and at least SHA1 should be
used? (although I found this[1] that even sha1 should not be used)
Nobody short of a major government can afford to break private keys or
crypto hashes on a regular basis. Otherwise, before they try to break
SHA1, they'll kidnap and torture you (I'm serious about the
calculation they'll make, not that I think it will happen to anybody
we know for several thousand years).
Okay then we can just suggest not to use md5.
- How to manage paraphrase(or passwords) for keys?
In previous discussions we decided to use gnupg-agent and I
although I haven't tried it. Any other suggestions to it?
I really don't know. As you probably know, files containing host keys
for SSH and other SSL applications don't have passwords, but are
simply made readable only by root. That might be the appropriate
solution here. Otherwise, any reboot takes all lists down until the
owner can be tracked down.
Also one more thing while running tests i noticed many other tests are
breaking as initially a simple message could pass though
"default-posting-chain" but now we need a multipart/signed message. So
should I worry about changing all other tests?
Yes. Conventionally that is the responsibility of the person who adds
a feature. However, there's nothing that says you can't ask Barry for
help. He may know a way to do it quickly.
Barry anything here?