[Mailman-Developers] GSOC Project idea: OpenPGP integration
Stefan Schlott
stefan.schlott at ulm.ccc.de
Sat Apr 27 15:22:17 CEST 2013
On 27.04.2013 06:45, Stephen J. Turnbull wrote:
> > 2. Your list has elevated security requirements. In this case, you can
> > use gpg-agent to manage the secret key (and its passphrase).
>
> I don't understand what threat you propose to address in this way.
> It's true that you can prevent the attacker from getting access to the
> key (using agent forwarding or a token, it need not be on the exposed
> host at all), but we're assuming he has access to the host and the
> Mailman process.
The gpg-agent approach protects you from all storage-related attacks:
- unencrypted backups
- physical access to the harddrive
- etc.
It does not protect from attackers who have access to the contents of
the computer's RAM:
- raw memory access and scanning for the secret key (requires root)
- memory dump via DMA-enabled interfaces (firewire, pc-card, ...)
- cold boot attacks
Stefan.
More information about the Mailman-Developers
mailing list