[Mailman-Developers] Encrypted lists predictable difficulties and implementation needs
Rich Kulawiec
rsk at gsp.org
Tue Mar 21 18:30:17 EDT 2017
On Sun, Mar 19, 2017 at 07:33:24AM -0400, Richard Damon wrote:
> I would say that the problem that is being attempted to solve is
> fundamentally impossible to do perfectly. It is impossible to distribute
> messages in a secure manner to a number of recipients that you don't have
> total control over their enviroment and KNOW that security is being
> maintained. Communication always has that sort of issue, if you tell someone
> something private, you need to be able to trust that they will keep it
> private, and their is always a risk that they will reveal the information
> intentionally or accidentally.
[snip]
I think this (and the rest, which I've elided for brevity) is a very good
statement of the problem.
I'll just add that -- in the general case, and quoting from the above,
we already KNOW that security is *not* being maintained. It's not an
open question, it's been answered very clearly for well over a decade.
(In the specific case, e.g., the right people using the right devices
with the right knowledge and self-discipline: maybe. But there are
not many of those cases and any of them can revert to the general case
in seconds with one poor decision or perhaps even without one.)
---rsk
More information about the Mailman-Developers
mailing list