[Mailman-Developers] opportunistically encrypted mailman lists with Autocrypt

holger krekel holger at merlinux.eu
Tue Jan 23 09:04:32 EST 2018 

Hi again,

To be a bit clearer wrt my questions:

- are there any active efforts wrt mailman and encryption?
  any "post mortems" on former ones? 

- are some of you interested in mailman+encryption efforts? 

I btw expect autocrypt integration to be significantly 
simpler than previous efforts that dealt with keyservers IISIC.

holger


On Sun, Jan 21, 2018 at 06:47 +0100, holger krekel wrote:
> Hi all,
> 
> maybe some of you know me for my works on pypy, tox or pytest but
> this mail will be about something else ...
> 
> In the last year i co-instigated a new opportunistic mail encryption
> effort called Autocrypt (https://autocrypt.org). With Autocrypt Level 1, 
> mail clients (e.g. enigmail, K-9 mail, Delta.chat, ...) send and parse
> public keys in "Autocrypt" e-mail headers and offer single-click
> encryption.  Releases are upcoming in spring 2018, we have been
> doing fun and well-received user-testing sessions already 
> with in-development versions. 
> 
> In 2018, I'd like to tackle basic integration of Mailman and Autocrypt, 
> to achieve opportunistically encrypted mailing lists.  The main idea is to
> grow a mailman mode/plugin to:
> 
> 1) have mailman lists maintain a public pgp identity that
>    is added through Autocrypt headers to outgoing mails. 
> 
> 2) have mailman keep track of "incoming" autocrypt keys
>    and decrypt incoming mails if they are encrypted.
> 
> 3) encrypt to those subscribers where we have a proper Autocrypt key
> 
> Code wise, i'd like to tackle this based on the the new and evolving
> (and quite unpublic so far) "muacrypt" project:
> https://muacrypt.readthedocs.io 
> 
> >From looking at archives and the GSOC idea page i see there were related
> efforts and ideas.  Are there pointers to draft implementations that
> are still somewhat up to date (with mm3)? 
> 
> Also, i am considering to submit a project proposal for the
> Mozilla Mission Partners program which would include a few more
> things ... OnionMX routing for postfix, and documentation on
> how to setup a best-practise MM3 mail instance, and maybe organizing
> a sprint around the mentioned topics.
> 
> collaboration welcome'ly yours,
> 
> holger
> 
> P.S.: i had discussed mm-encryption with Barry 2-3 years ago
> and feel now, with Autocrypt getting out the door, it's all 
> becoming more feasible.
> 
> _______________________________________________
> Mailman-Developers mailing list
> Mailman-Developers at python.org
> https://mail.python.org/mailman/listinfo/mailman-developers
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
> Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/holger%40merlinux.eu
> 
> Security Policy: http://wiki.list.org/x/QIA9

More information about the Mailman-Developers mailing list