[Mailman-Developers] opportunistically encrypted mailman lists with Autocrypt

holger krekel holger at merlinux.eu
Sun Jan 21 00:47:09 EST 2018

Hi all,

maybe some of you know me for my works on pypy, tox or pytest but
this mail will be about something else ...

In the last year i co-instigated a new opportunistic mail encryption
effort called Autocrypt (https://autocrypt.org). With Autocrypt Level 1, 
mail clients (e.g. enigmail, K-9 mail, Delta.chat, ...) send and parse
public keys in "Autocrypt" e-mail headers and offer single-click
encryption.  Releases are upcoming in spring 2018, we have been
doing fun and well-received user-testing sessions already 
with in-development versions. 

In 2018, I'd like to tackle basic integration of Mailman and Autocrypt, 
to achieve opportunistically encrypted mailing lists.  The main idea is to
grow a mailman mode/plugin to:

1) have mailman lists maintain a public pgp identity that
   is added through Autocrypt headers to outgoing mails. 

2) have mailman keep track of "incoming" autocrypt keys
   and decrypt incoming mails if they are encrypted.

3) encrypt to those subscribers where we have a proper Autocrypt key

Code wise, i'd like to tackle this based on the the new and evolving
(and quite unpublic so far) "muacrypt" project:

>From looking at archives and the GSOC idea page i see there were related
efforts and ideas.  Are there pointers to draft implementations that
are still somewhat up to date (with mm3)? 

Also, i am considering to submit a project proposal for the
Mozilla Mission Partners program which would include a few more
things ... OnionMX routing for postfix, and documentation on
how to setup a best-practise MM3 mail instance, and maybe organizing
a sprint around the mentioned topics.

collaboration welcome'ly yours,


P.S.: i had discussed mm-encryption with Barry 2-3 years ago
and feel now, with Autocrypt getting out the door, it's all 
becoming more feasible.

More information about the Mailman-Developers mailing list