[Mailman-Developers] GnuPG support - PGP - GPG encrypted mailing list
Sylvain Viart
sylvain at opensource-expert.com
Sun Jun 15 09:42:42 CEST 2014
Le 14/06/2014 19:49, Stanisław Findeisen a écrit :
> http://security.stackexchange.com/questions/26544/gpg-encrypted-mailing-list-and-other-approaches-to-safe-communication
>
> "2. Do a relay."
> Yes, except we don't want to use the mailing list maintainer keys, or
> make him manually decrypt/encrypt every message.
Sorry, of course it should be done by the list engine.
Only the concept of relaying…
This question of distributing encrypted email to an unknown number of
subscribers is quite interesting/dangerous in the point of view of
securing the information. Do you agree? Not saying it couldn't be
accomplished of course.
The reply of the question linked above said:
"When a secret is known by more than two or three people, it is no
longer a secret, merely /discreet/. Any recipient of the mailing-list,
by definition, can read all messages, hence he is *trusted* (in the
sense of: he has the power to betray you). "
Could you describe the goal to achieve?
It seems really interesting, but I've the feeling that keeping the
encryption chain will be quite difficult.
And you probably know that the encryption is as strong as it weakest
point in the chain.
Also I noticed that despite we are in 2014, using GPG is still quite
"repulsing" for basic user…
Sylvain.
More information about the Mailman-Developers
mailing list