[Mailman-Developers] GSoC Project: pgp plugin

Jonas jonax at openmailbox.org
Sat Feb 27 13:35:01 EST 2016


Hello Mailman developers,

I was planning to write a pgp-encryption plugin for Mailman 3 that
manages one keypair per list and pubkeys of the subscribers.
I'm considering doing it as my first-time Google Summer of Code project.

I have read the GSoC 2016 rules and the Mailman wiki GSoC 2016 pages.
I will try to work myself more into the mailman-core sources the next
few days and try to make an improvement (e.g. a bugfix).

About me:
I have been studying computer science in Germany for two and a half
years. I have sent patches to some libre, mainly C and C++, projects. I
have only minor experience in Python but I'm used to learning by reading
documentation and sources.
Feel free to mail me if you have questions.

The Project Idea:
Encrypted mailing lists have been a much-requested feature in Mailman
2 and I would like to run some encrypted mailing lists myself.
There is no stable pgp-aware mailserver at this time but there has been
an unstable patch for mailman 2.1.5[1] and some other unstable encrypted
list servers [2][3]. This project could also help to evaluate the
Mailman 3 plugin system.

Some features could be:
 1. Automatic pubkey collection from inbound mail
 2. Outbound mail encryption and signature validation
 3. Automatic keypair generation for pgp-aware lists
 4. Inbound mail decryption and outbound mail signature
 5. A mail interface for organizing the encrypted lists, subscribers'
    public keys and trust levels
 6. A web interface
 7. PGP Information in the messages (e.g. was the incoming mail signed
    by a trusted subscriber?)
 8. Optionally forced encryption (such a list never sends mail to an
    address to which it can't encrypt with a pubkey that has a certain
    level of trust and/or won't accept inbound mail in plaintext)
 9. Optionally forced signature (inbound mail to the list has to be
    signed with a key that has a certain level of trust in order to be
    published)
10. pgp-aware command system (e.g. optionally only accept admin mail
    commands from signature-verified mail admins)

Features 1.-5. are essential.

Thoughts on Implementation:
pygpgme could be used for encryption which might easily enable S/MIME as
well. Keys could be stored in the filesystem or in databases using
SQLAlchemy. The encryption step could be implemented as a pipeline.


Encrypted lists in Mailman would be great. I think I can implement the
plugin myself, but I will need help to ensure the reliability and
security of the plugin.

What are your thoughts on pgp in Mailman 3?

Is this a suitable project for the Google Summer of Code 2016?
Would anyone be interested in becoming my mentor for this project?


Thank you,
Jonas


[1]: https://non-gnu.uvt.nl/mailman-pgp-smime/
[2]: http://schleuder2.nadir.org/
[3]: http://schleuder2.nadir.org/documentation/v2.2/faq.html#index2h3