At 8:31 AM +0100 2005-03-02, Stefan Schlott wrote:
This will create huge messages in large MLs.
Each additional recipient would be a few extra bytes in the encrypted message. However, since the message is compressed first, unless you've got a list of thousands and thousands of recipients, then odds are that the result would still be smaller in size than a message that was only PGP-signed.
Further, this will reveal all recipients' key ids - something not wanted in anonymous lists.
True. A session key would be encrypted to each key id, so the key ids would be visible. However, subscriber information is not too hard to get from Mailman even when it's supposedly limited to being available only to the admin, so I think there may be bigger fish to fry elsewhere.
Imho the tradeoff lies somewhere inbetween - encrypt messages to n recipients (yet to be implemented).
The problem is that encrypting a message is a very CPU-intensive process, and you don't want to figure off thousands and thousands of message encryption processes for every single submission -- you'd DoS yourself to death. You'd have to make n pretty large in order to be able to make this scalable.
-- Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755SAGE member since 1995. See <http://www.sage.org/> for more info. _______________________________________________ Mailman-Developers mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
