Sergio, It would be useless to try and use SSL for debian-security, because it is a publicly accessible list, which sort of defeats the purpose of SSL...
Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++ r--- y ------END GEEK CODE BLOCK------ On Fri, 26 May 2000, Sergio Brandano wrote: > > Alexander Hvostov wrote > > > ...Unless you encrypt to a public key belonging to everyone on the > > mailing list, which certainly can be done, though this means > > distributing the appropriate public/private key pair, so the keys > > themselves would also have to be encrypted, probably to each > > individual user. > > > > Of course, you could also implement something like a bulletin board > > on HTTP over SSL instead... or maybe SMTP over SSL to each individual > > list subscriber. (insecure; most subscribers don't run their own mail > > server) > > I have a comment on this, related to the never ending battle against > SPAM. Why is that mailing lists, that are open only to subscribers, > make public the content of thir messages (including addresses) on the > web? Yes, archiving. But that opens the way to address collection. > > I like your proposal of using SSL for this list. And I think we > should give it a try. > > Sergio >
