[Mailman-Developers] A list of discussion topics: GSoC OpenPGP Integration
ehrbar at greenhouse.economics.utah.edu
ehrbar at greenhouse.economics.utah.edu
Tue Aug 6 18:49:49 CEST 2013
I am not an expert but the encryption discussion is
extremely important. Are you familiar with the Secure Email
Lists (SELS) project? If not, drop everything and look at
it at right now
http://sels.ncsa.illinois.edu/index.html
http://www.ncsa.illinois.edu/People/hkhurana/SAC05_1.pdf
To my limited understanding it seems to have the perfect
solution for mailing lists. Instead of decrypting the
messages and re-encrypting them, the mailing list server
simply changes the keys needed to read the message without
having access to the content of the messages. For this feat
to be possible, the mailing list administrator receives the
keys from the subscribers and re-issues a different key to
each subscriber. I.e., the mailing list administrator must
be a trusted person, but the server does not have to be
trusted. I think this is often the situation with mailing
lists. From skimming your messages I did not have the sense
that you were discussing such a paradigm. Perhaps you are
discussing it and I didn't get it, or you have good reasons
not to. You don't have to reply to me if I am saying
something obvious or stupid. But if you are not even
familiar with this approach, I urge you to look at it.
Thank you for all the great work you are doing.
Hans G Ehrbar
More information about the Mailman-Developers
mailing list