[Mailman-Developers] [GSoC] Encrypted mailing lists - final evaluation
johny at neuromancer.sk
Tue Aug 29 13:23:40 EDT 2017
Final work submission
As the GSoC 2017 final evaluation period just ended, my final work
product is finally submitted. This post is a summary of my final work
- Plugin for Mailman Core.
- Enables creating a PGP mailing list, which has a list key, can
receive and serve messages encrypted, can sign and receive signed
messages from subscribers.
- Creates the `key` email command, which is used for per-address user
- Subscription to a PGP enabled mailing list the subscribing address
to send and confirm an address public key, which the moderator must verify.
- Somewhat confirms the user has possession of the appropriate private
key to the one sent on subscription.
- Has per-list settings for encryption/signatures/what to do with non
encrypted / non signed messages, etc..
- Optionally exposes a REST API for list configuration.
- Has local archivers which can store the messages encrypted by the
- Stores list and address keys in configurable key directories.
- requires (some not merged) MRs in Mailman Core
- [mailman/pluggable-components], merged as [mailman!308]
- [mailman/pipelines-dynamical-instantiation], merged
- additional MR (not required)
- Required branches are merged and maintained at [J08nY/mailman/plugin.
- To install, do `pip install mailman-pgp`, warning: it will pull in a
development version of Mailman Core and PGPy.
- A Django app, uses django-mailman3 and mailmanclient, integrates
well with Postorius and HyperKitty.
- Provides management of PGP enabled mailing lists to the list owner,
and of PGP related subscription settings to the subscriber.
- requires (currently not merged) MRs in mailmanclient,
django-mailman3, Postorius and HyperKitty
- A plugin for Mailman Core that turned out to be unnecessary for the
working of django-pgpmailman, but implemented a similar feature as this
- This plugin sends the events (and some information about them) from
Mailman Core to a list of configurable endpoints using JSON in HTTP POST
- [mailmanclient/split-sources], merged
- Many many PRs to [PGPy], a Python only implementation of OpenPGP.
[19 PRs] and counting. As PGPy was not and still is not feature complete
in regards to RFC4880 I found out many times that it's missing
features/bugs broke mailman-pgp CI. It would not make sense fixing them
locally, both from a software design perspective and open source
software one aswell.
I think I met almost all goals that the project idea required and my
original proposal stated, with the noteworthy exception of remote
archiving to HyperKitty which I just couldn't find a way to integrate.
/\ # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
/__\ # https://neuromancer.sk
/\ /\ # Eastern Seaboard Phishing Authority
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 862 bytes
Desc: OpenPGP digital signature
More information about the Mailman-Developers