[Mailman-Developers] PGP and Mailman
Nigel Metheringham
Nigel.Metheringham at dev.intechnology.co.uk
Wed Mar 2 13:01:36 CET 2005
On Wed, 2005-03-02 at 12:37 +0100, Brad Knowles wrote:
> At 8:31 AM +0100 2005-03-02, Stefan Schlott wrote:
> > Further, this will reveal
> > all recipients' key ids - something not wanted in anonymous lists.
>
> True. A session key would be encrypted to each key id, so the
> key ids would be visible. However, subscriber information is not too
> hard to get from Mailman even when it's supposedly limited to being
> available only to the admin, so I think there may be bigger fish to
> fry elsewhere.
>
> > Imho the tradeoff lies somewhere inbetween - encrypt messages to n
> > recipients (yet to be implemented).
>
> The problem is that encrypting a message is a very CPU-intensive
> process, and you don't want to figure off thousands and thousands of
> message encryption processes for every single submission -- you'd DoS
> yourself to death. You'd have to make n pretty large in order to be
> able to make this scalable.
In theory, you could encrypt the message once with a session key, and
then distribute it n times, each time adding the packet which has the
session key encrypted with the public key of the recipient. This should
cost you very little more in encryption CPU requirements than a message
encrypted to n recipients in the normal fashion. The rest of the
additional required overhead is basically the same as turning
personalisation on for a list.
Not sure how amenable GPG is to doing this sort of hacking, but it
sounds plausible to me (obviously too few coffees this morning).
Nigel.
--
[ Nigel Metheringham Nigel.Metheringham at InTechnology.co.uk ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
More information about the Mailman-Developers
mailing list