[Mailman-Developers] PGP and Mailman

Nigel Metheringham Nigel.Metheringham at dev.intechnology.co.uk
Wed Mar 2 13:01:36 CET 2005

On Wed, 2005-03-02 at 12:37 +0100, Brad Knowles wrote:
> At 8:31 AM +0100 2005-03-02, Stefan Schlott wrote:
> >                                                Further, this will reveal
> >  all recipients' key ids - something not wanted in anonymous lists.
> 	True.  A session key would be encrypted to each key id, so the 
> key ids would be visible.  However, subscriber information is not too 
> hard to get from Mailman even when it's supposedly limited to being 
> available only to the admin, so I think there may be bigger fish to 
> fry elsewhere.
> >  Imho the tradeoff lies somewhere inbetween - encrypt messages to n
> >  recipients (yet to be implemented).
> 	The problem is that encrypting a message is a very CPU-intensive 
> process, and you don't want to figure off thousands and thousands of 
> message encryption processes for every single submission -- you'd DoS 
> yourself to death.  You'd have to make n pretty large in order to be 
> able to make this scalable.

In theory, you could encrypt the message once with a session key, and
then distribute it n times, each time adding the packet which has the
session key encrypted with the public key of the recipient.  This should
cost you very little more in encryption CPU requirements than a message
encrypted to n recipients in the normal fashion.  The rest of the
additional required overhead is basically the same as turning
personalisation on for a list.

Not sure how amenable GPG is to doing this sort of hacking, but it
sounds plausible to me (obviously too few coffees this morning).

[ Nigel Metheringham           Nigel.Metheringham at InTechnology.co.uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]

More information about the Mailman-Developers mailing list