[Mailman-Developers] opportunistically encrypted mailman lists with Autocrypt
holger at merlinux.eu
Wed Jan 31 15:03:02 EST 2018
On Wed, Jan 31, 2018 at 19:00 +0100, Jan Jancar wrote:
> >> If you would like to use a Python OpenPGP implementation you could look
> >> at [PGPy] and how I used it in mailman-pgp.
> > It's under consideration here: https://github.com/hpk42/muacrypt/issues/32
> > Are your experiences with pgpy indicating it's compatible with
> > enigmail and k9-mail? (see the questions on that issue)
> PGPy is a quite complete OpenPGP(RFC4880) implementation, its support
> table shows that:
> The unsupported packets are very rarely used nowadays and are only
> really produced by very old PGP clients, afaik. PGPy also has a quite
> extensive test suite that works with gpg internally.
> I suggest you look at PGPy issue tracker to see what it lacks currently,
> the most painful issue I think is the missing support for writing
> partial length packets. It can read them just well but not output them.
Good to know! I added the links to the muacrypt issue i linked above.
dkg and vincent (from k-9 mail) tell me write support of partial
length header is not needed for e-mails, so that's good
because i'd like muacrypt, my in-progress autocrypt implementation,
to work with pgpy sometime (https://github.com/hpk42/muacrypt/issues/32 )
> >>> - No special interface is needed on the mailing list web page
> >>> maybe except from enabling/disabling the plugin/support.
> >> Plugin configuration is done through the Mailman configuration and those
> >> are read-only through the REST interface. However a plugin might supply
> >> it's own REST endpoints for example for per-list setup/configuration.
> > I guess read-only REST would allow for a command line interface for
> > debugging or other low-level configuration wrt to autocrypt key
> > status for peers. Can a plugin add per-list configuration
> > options (enable/disable, maybe a choice between 2-3 policies?)
> Yes definitely, the configuration will be handled completely inside the
> pkugin. I'm thinking along the lines of:
> - Expose a custom REST endpoint for per-list Autocrypt configuration,
> that can be read-write, however is only protected by one global REST
> user-password pair. That will be accessed by an Autocrypt Django app,
> similarly to how I implemented configuration for mailman-pgp in
> [django-pgpmailman]. That app can be then run alongside Postorius and
> HyperKitty which provide Mailman's configuration and archives. So this
> gives list admins a simple web UI for per-list Autocrypt configuration.
> - Provide a CLI command component which can manage the per-list
> Autocrypt configuration of the Mailman instance locally.
sounds good. Is it also possible to hook into the standard mm3 configuration,
for adding a per-list configuration item that can then be processed by
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 474 bytes
Desc: not available
More information about the Mailman-Developers