[Mailman-Developers] [GSoC] Encrypted mailing lists - final evaluation
Jan Jancar
johny at neuromancer.sk
Tue Aug 29 13:23:40 EDT 2017
Hi all.
https://neuromancer.sk/article/18
=====================
Final work submission
=====================
As the GSoC 2017 final evaluation period just ended, my final work
product is finally submitted. This post is a summary of my final work
product.
Mailman-pgp
===========
- https://gitlab.com/J08nY/mailman-pgp
- https://mailman-pgp.readthedocs.io/en/latest/
- Plugin for Mailman Core.
- Enables creating a PGP mailing list, which has a list key, can
receive and serve messages encrypted, can sign and receive signed
messages from subscribers.
- Creates the `key` email command, which is used for per-address user
key management.
- Subscription to a PGP enabled mailing list the subscribing address
to send and confirm an address public key, which the moderator must verify.
- Somewhat confirms the user has possession of the appropriate private
key to the one sent on subscription.
- Has per-list settings for encryption/signatures/what to do with non
encrypted / non signed messages, etc..
- Optionally exposes a REST API for list configuration.
- Has local archivers which can store the messages encrypted by the
list key.
- Stores list and address keys in configurable key directories.
- requires (some not merged) MRs in Mailman Core
- [mailman/pluggable-components], merged as [mailman!308]
- [mailman/list-style-descriptions]
- [mailman/pluggable-workflows]
- [mailman/pipelines-dynamical-instantiation], merged
- additional MR (not required)
- [mailman/mta-smtps-starttls]
- Required branches are merged and maintained at [J08nY/mailman/plugin.
- To install, do `pip install mailman-pgp`, warning: it will pull in a
development version of Mailman Core and PGPy.
django-pgpmailman
=================
- https://gitlab.com/J08nY/django-pgpmailman
- A Django app, uses django-mailman3 and mailmanclient, integrates
well with Postorius and HyperKitty.
- Provides management of PGP enabled mailing lists to the list owner,
and of PGP related subscription settings to the subscriber.
- requires (currently not merged) MRs in mailmanclient,
django-mailman3, Postorius and HyperKitty
- [mailmanclient/plugin-bindings]
- [django-mailman3/template-chunks]
- [postorius/template-chunks]
- [hyperkitty/template-chunks]
mailman-rest-events
===================
- https://gitlab.com/J08nY/mailman-rest-events
- A plugin for Mailman Core that turned out to be unnecessary for the
working of django-pgpmailman, but implemented a similar feature as this
[MR](https://gitlab.com/mailman/mailman/merge_requests/264).
- This plugin sends the events (and some information about them) from
Mailman Core to a list of configurable endpoints using JSON in HTTP POST
requests.
Other contributions
===================
- [mailmanclient/split-sources], merged
- [postorius/list-style-selection]
- Many many PRs to [PGPy], a Python only implementation of OpenPGP.
[19 PRs] and counting. As PGPy was not and still is not feature complete
in regards to RFC4880 I found out many times that it's missing
features/bugs broke mailman-pgp CI. It would not make sense fixing them
locally, both from a software design perspective and open source
software one aswell.
## Overall
I think I met almost all goals that the project idea required and my
original proposal stated, with the noteworthy exception of remote
archiving to HyperKitty which I just couldn't find a way to integrate.
[mailman/pluggable-components]:
https://gitlab.com/mailman/mailman/merge_requests/288
[mailman!308]:
https://gitlab.com/mailman/mailman/merge_requests/308
[mailman/list-style-descriptions]:
https://gitlab.com/mailman/mailman/merge_requests/289
[mailman/pluggable-workflows]:
https://gitlab.com/mailman/mailman/merge_requests/299
[mailman/pipelines-dynamical-instantiation]:
https://gitlab.com/mailman/mailman/merge_requests/287
[mailman/mta-smtps-starttls]:
https://gitlab.com/mailman/mailman/merge_requests/286
[J08nY/mailman/plugin]: https://gitlab.com/J08nY/mailman/tree/plugin
[mailmanclient/plugin-bindings]:
https://gitlab.com/mailman/mailmanclient/merge_requests/34
[django-mailman3/template-chunks]:
https://gitlab.com/mailman/django-mailman3/merge_requests/8
[postorius/template-chunks]:
https://gitlab.com/mailman/postorius/merge_requests/215
[hyperkitty/template-chunks]:
https://gitlab.com/mailman/hyperkitty/merge_requests/65
[mailmanclient/split-sources]:
https://gitlab.com/mailman/mailmanclient/merge_requests/38
[postorius/list-style-selection]:
https://gitlab.com/mailman/postorius/merge_requests/214
[PGPy]: https://github.com/SecurityInnovation/PGPy
[19 PRs]:
https://github.com/SecurityInnovation/PGPy/pulls?utf8=%E2%9C%93&q=is%3Apr%20author%3AJ08nY
Cheers,
--
Jan
______________________________________________________
/\ # PGP: 362056ADA8F2F4E421565EF87F4A448FE68F329D
/__\ # https://neuromancer.sk
/\ /\ # Eastern Seaboard Phishing Authority
/__\/__\ #
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-developers/attachments/20170829/2e957634/attachment.sig>
More information about the Mailman-Developers
mailing list