[Mailman-Developers] [GSoC] Encrypted mailing lists - first evaluation
Jan Jancar
johny at neuromancer.sk
Wed Jun 28 07:49:29 EDT 2017
Hi all.
https://neuromancer.sk/article/9
The first evaluation period is here, I have already sent in my
evaluation so I thought I would recap the state of the project.
During the first two weeks or so, I mostly focused on features in
Mailman Core that would be necessary for making a plugin like this work,
my MRs introduce an easy to use/configure plugin infrastructure. Where
plugins can provide components and even custom REST routes in Mailman
Core. This with just installing the plugin into the same environment as
Mailman Core and some config additions. Also some minor additions of
selecting the list style on creation in Postorius and appropriate
changes in mailman-client.
During the last two weeks I focused on work on the mailman-pgp plugin
itself, along with its helper plugin mailman-rest-events. The REST
events plugin is finished, apart from some tests and bug-fixing and it
does its job of sending Mailman Core events to RESTful application
endpoints fine.
The mailman-pgp plugin currently has working list-key generation,
decryption in incoming runner, signature checking rule and general
inline and PGP/MIME message handling utilities. I also got its tests to
work with Mailman Core test layers so it can be actually integration
tested as it would work with Mailman Core. Along with that I setup
Gitlab CI pipelines with coverage testing and currently [tests
pass](https://gitlab.com/J08nY/mailman-pgp/pipelines/9384851)!
As I worked in PGP handling in messages I needed a good python [PGP
library](https://github.com/SecurityInnovation/PGPy), which I found, but
since some features mailman-pgp requires were not implemented/buggy I
made quite a lot of
[PRs](https://github.com/SecurityInnovation/PGPy/pulls) to this library
as well.
Key management is the next thing I would like to work on after finishing
tests of the current implementation. After that outgoing message
encryption and signing. When these things work I would then move on to
implement the appropriate things in the django-pgpmailman web app which
hooks into Postorius and HyperKitty.
Overall I am quite confident in where the project is now. Seeing it run
tests with Mailman Core running and pass (just some basic tests atm)
feels good.
Cheers!
--
Jan
______________________________________________________
/\ # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
/__\ # https://neuromancer.sk
/\ /\ # Eastern Seaboard Phishing Authority
/__\/__\ #
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20170628/941a2e27/attachment.sig>
More information about the Mailman-Developers
mailing list