[Mailman-Developers] [GSoC] Encrypted mailing lists - final evaluation

Jan Jancar johny at neuromancer.sk
Tue Aug 29 13:23:40 EDT 2017

Hi all.


Final work submission

As the GSoC 2017 final evaluation period just ended, my final work
product is finally submitted. This post is a summary of my final work


  - https://gitlab.com/J08nY/mailman-pgp
  - https://mailman-pgp.readthedocs.io/en/latest/
  - Plugin for Mailman Core.
  - Enables creating a PGP mailing list, which has a list key, can
receive and serve messages encrypted, can sign and receive signed
messages from subscribers.
  - Creates the `key` email command, which is used for per-address user
key management.
  - Subscription to a PGP enabled mailing list the subscribing address
to send and confirm an address public key, which the moderator must verify.
  - Somewhat confirms the user has possession of the appropriate private
key to the one sent on subscription.
  - Has per-list settings for encryption/signatures/what to do with non
encrypted / non signed messages, etc..
  - Optionally exposes a REST API for list configuration.
  - Has local archivers which can store the messages encrypted by the
list key.
  - Stores list and address keys in configurable key directories.
    - requires (some not merged) MRs in Mailman Core
        - [mailman/pluggable-components], merged as [mailman!308]
        - [mailman/list-style-descriptions]
        - [mailman/pluggable-workflows]
        - [mailman/pipelines-dynamical-instantiation], merged
    - additional MR (not required)
        - [mailman/mta-smtps-starttls]
  - Required branches are merged and maintained at [J08nY/mailman/plugin.
  - To install, do `pip install mailman-pgp`, warning: it will pull in a
development version of Mailman Core and PGPy.


  - https://gitlab.com/J08nY/django-pgpmailman
  - A Django app, uses django-mailman3 and mailmanclient, integrates
well with Postorius and HyperKitty.
  - Provides management of PGP enabled mailing lists to the list owner,
and of PGP related subscription settings to the subscriber.
    - requires (currently not merged) MRs in mailmanclient,
django-mailman3, Postorius and HyperKitty
        - [mailmanclient/plugin-bindings]
        - [django-mailman3/template-chunks]
        - [postorius/template-chunks]
        - [hyperkitty/template-chunks]


  - https://gitlab.com/J08nY/mailman-rest-events
  - A plugin for Mailman Core that turned out to be unnecessary for the
working of django-pgpmailman, but implemented a similar feature as this
  - This plugin sends the events (and some information about them) from
Mailman Core to a list of configurable endpoints using JSON in HTTP POST

Other contributions

  - [mailmanclient/split-sources], merged
  - [postorius/list-style-selection]
  - Many many PRs to [PGPy], a Python only implementation of OpenPGP.
[19 PRs] and counting. As PGPy was not and still is not feature complete
in regards to RFC4880 I found out many times that it's missing
features/bugs broke mailman-pgp CI. It would not make sense fixing them
locally, both from a software design perspective and open source
software one aswell.

## Overall

I think I met almost all goals that the project idea required and my
original proposal stated, with the noteworthy exception of remote
archiving to HyperKitty which I just couldn't find a way to integrate.







[J08nY/mailman/plugin]: https://gitlab.com/J08nY/mailman/tree/plugin







[PGPy]: https://github.com/SecurityInnovation/PGPy

[19 PRs]:

   /\  # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
  /__\  # https://neuromancer.sk
 /\  /\  # Eastern Seaboard Phishing Authority
/__\/__\  #

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20170829/2e957634/attachment.sig>

More information about the Mailman-Developers mailing list