[Mailman-Developers] A list of discussion topics: GSoC OpenPGP Integration
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Jun 28 17:48:01 CEST 2013
On 06/28/2013 10:11 AM, Barry Warsaw wrote:
> Another complication is that keys will probably be attached to users, but
> users have relationships with list across the entire Mailman installation. So
> if it were list owners that were responsible for key management, how does that
> cross list boundaries? What about lists on the same system but in different
> domains? Does the site admin have to delegate key management responsibilities
> to list owners? I can imagine some kind of attack involving a list owner who
> approves a member's key for one list, and then using that to attack other
> lists on the same system. Tricky business.
An OpenPGP certification of a key+userid just means that the certifier
believes that the key belongs to the person who has that user ID
(including the e-mail address). I think the best way to implement
Stephen's suggestion is that in order to be able to post to a
signed-message-only list, a list member must have a key that has been
certified by the list's administrator.
Note that this does *not* mean that a non-list-member whose key has been
certified by the list's administrator can post. List membership and key
certification are orthogonal attributes; both should be needed (plus a
valid signature on the message, of course!) before a message is passed
on to such a list.
--dkg