[Mailman-Developers] Encrypted lists predictable difficulties and implementation needs

Rich Kulawiec rsk at gsp.org
Thu Mar 16 10:46:27 EDT 2017


On Wed, Mar 15, 2017 at 11:31:44PM -0500, J.B. Nicholson wrote:
> I understand there are more insecure devices on the Internet all the time
> and that's unfortunate, but I don't think it's avoidable. What do you
> suggest we do about this using Mailman (since this is Mailman-developers)?

I suggest that Mailman do nothing, because even if it solves all the
problems that it can solve, all it will do is provide a thin veneer of
security/privacy on top of a thoroughly rotten foundation.  Yes, there
will be small, limited cases where it'll be able to deliver on its
promises -- because every person involved is diligent and every device
involved is secure -- but that's clearly not the way to bet.

Moreover, none of this comes for free: there is opportunity cost,
complexity cost, maintenance cost, interoperability cost, etc.
In my view, it's not worth incurring all these costs to implement
something that we already know, today, right now, is not going to
work in the contemporary Internet environment -- because it relies
on underlying assumptions about endpoint security that almost certainly
won't be true as soon as the deployment scale reaches modest numbers.

I think a better course of action is to recommend that those with the
sort of requirements being articulated here not use mailing lists at all.

---rsk

