[Mailman-Developers] [GSoC] Encrypted mailing lists - update v3

Jan Jancar johny at neuromancer.sk
Sun May 28 19:09:07 EDT 2017


Hi all.

I have created a repository to keep the original proposal for this
project, as well as the current working version and similar
documentation / specs at:

https://gitlab.com/J08nY/pgpmailman-proposal

The repo contains up-to-date changes I propose to Mailman core to
accommodate an encrypted lists plugin as well as other possible future
plugins. (in core_changes.md)
It also contains a current working sketch of the plugin (in plugin.md).
Comments are very appreciated.

I wrote a post on the current issues I am facing on integrating the
encrypted lists plugin with Postorius and HyperKitty:

https://neuromancer.sk/article/4

Integrating with Postorius and HyperKitty
=========================================

Since a plugin-like out-of-tree approach is required for implementing
encrypted lists into Mailman, a straight forward integration into
Postorius and HyperKitty (as first proposed) by making them "aware" of
the encrypted lists plugin is not possible.

Thus a new approach for providing their functionality and conforming to
the project requirements is necessary. I see three possible pathways
forward and a middle-ground between them.

## Standalone django app

A new django app will be created, using django-mailman3 as a base, that
will implement all the web based functionality for encrypted mailing
lists, such as:

 - Displaying the List key for all public encrypted mailing lists.
 - List key management for list admins
 - User key management
 - Encrypted archives, that are server unencrypted (effectively replaces
HyperKitty for encrypted lists)

This app will then be run besides Postorius.

## A fork/patchset approach

This approach will create a fork of Postorius and HyperKitty that will
integrate changes necessary for the encrypted lists plugin seamlessly.
Thus users wanting to use encrypted mailing lists will have to setup
Postorius and HyperKitty from this fork.

## Wrenching it in

This approach tries to integrate all of the functionality using
configurable options of Postorius and HyperKitty. For example storing
messages encrypted could be done via a custom django.db.backend.
Receiving messages encrypted could be done via a small custom django app
that will receive them, decrypt and pass to HyperKitty decrypted.

## A middle-ground

Somewhat of a middle ground seems to be most sensible. A standalone app
will be necessary to provide functionality that is simply not possible
to be integrated into Postorius and HyperKitty sensibly. This app will
mostly provide key management (user and list), receive the messages
encrypted and so on. However Postorius and HyperKitty will work with the
least amount of "wrenching it in" as possible.

Cheers,
-- 
Jan
______________________________________________________
   /\  # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
  /__\  # https://neuromancer.sk
 /\  /\  # Eastern Seaboard Phishing Authority
/__\/__\  #

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20170529/f35e0fb4/attachment.sig>


More information about the Mailman-Developers mailing list