[Mailman-Developers] A list of discussion topics: GSoC OpenPGP Integration

ehrbar at greenhouse.economics.utah.edu ehrbar at greenhouse.economics.utah.edu
Tue Aug 6 18:49:49 CEST 2013


I am not an expert but the encryption discussion is
extremely important.  Are you familiar with the Secure Email
Lists (SELS) project?  If not, drop everything and look at
it at right now

http://sels.ncsa.illinois.edu/index.html

http://www.ncsa.illinois.edu/People/hkhurana/SAC05_1.pdf

To my limited understanding it seems to have the perfect
solution for mailing lists.  Instead of decrypting the
messages and re-encrypting them, the mailing list server
simply changes the keys needed to read the message without
having access to the content of the messages.  For this feat
to be possible, the mailing list administrator receives the
keys from the subscribers and re-issues a different key to
each subscriber.  I.e., the mailing list administrator must
be a trusted person, but the server does not have to be
trusted.  I think this is often the situation with mailing
lists.  From skimming your messages I did not have the sense
that you were discussing such a paradigm.  Perhaps you are
discussing it and I didn't get it, or you have good reasons
not to. You don't have to reply to me if I am saying
something obvious or stupid.  But if you are not even
familiar with this approach, I urge you to look at it.

Thank you for all the great work you are doing.

Hans G Ehrbar



More information about the Mailman-Developers mailing list