[Mailman-Developers] GnuPG support
Stanisław Findeisen
stf.list.mailman.dev at eisenbits.com
Sat Jun 14 19:49:38 CEST 2014
On 2014-06-14 10:47, Sylvain Viart wrote:
>> This thread is a continuation of this one:
>> https://mail.python.org/pipermail/mailman-developers/2011-May/021377.html .
>
> I found this page yesterday, as we were doing a key signing party…
>
> http://security.stackexchange.com/questions/26544/gpg-encrypted-mailing-list-and-other-approaches-to-safe-communication
>
> Your are speaking about "2. Do a relay.", right?
Yes, except we don't want to use the mailing list maintainer keys, or
make him manually decrypt/encrypt every message.
This should be done automatically by Mailman, and we want to use the
mailing list keypair.
This could be customized. For example, see "new list settings" here:
https://bugs.launchpad.net/mailman/+bug/558189 .
This scheme could be made quite flexible. For example sending messages
encrypted with some people keys (but not the list key) could also be
allowed, thus alleviating the problem of the list maintainer being able
to inspect (and possibly block) every message.
Anyway it is crucial that the original signatures are retained, IMHO.
Not sure what would be the problems with double-signed messages, but
ideally the Mailman would add its own signature, too.
Also, the technical messages to/from Mailman (like the monthly ML
password, or ML commands) should also be encrypted and/or signed.
--
http://people.eisenbits.com/~stf/
http://www.eisenbits.com/
OpenPGP: 80FC 1824 2EA4 9223 A986 DB4E 934E FEA0 F492 A63B
More information about the Mailman-Developers
mailing list