[Mailman-Developers] Encrypted lists predictable difficulties and implementation needs
Stephen J. Turnbull
turnbull.stephen.fw at u.tsukuba.ac.jp
Wed Mar 22 11:06:23 EDT 2017
Rich Kulawiec writes:
> (In the specific case, e.g., the right people using the right
> devices with the right knowledge and self-discipline: maybe. But
> there are not many of those cases and any of them can revert to the
> general case in seconds with one poor decision or perhaps even
> without one.)
I'm with Richard Damon on this.
FYI: Encrypted lists *are* occasionally requested. Even if we are
forced to give up, we need to investigate this, and convince ourselves
that there really are NO valid use cases so we can make the case that
it's a bad idea to those users. I note that several other projects
have created variations on encrypted lists. It's reasonable for us to
want to learn what they are and are not good for in order to converse
with users about their requests for encrypted lists.
You have my permission to say "I told you so" if we're forced to
abandon this as a silly idea. Until then, I think you're wasting
bandwidth in opposing it from the get-go. Once again, I'd be happy to
hear where our threat models are deficient once we start to talk about
them. But none of the proposals so far have really identified a
threat model let alone a corresponding use case! So there's nothing
to criticize yet.
Regards,
Steve
More information about the Mailman-Developers
mailing list