Hi (and hi Stefan!), On Thu, Apr 11, 2013 at 09:23:35AM +0200, Stefan Schlott wrote: > On 11.04.2013 06:19, Joost van Baal-Ilić wrote: > > > I am Joost van Baal-Ilić. I create a PGP keypair with ID Barry Warsaw. I > > sent > > the public key to the list server. I sent a mail, signed with the > > Barry-key, > > encrtypted to the listkey, with From: Barry's email address, to the list. > > The listserver now distributes it to the lists subscribers, yes? The list > > subscribers will believe the message is from Barry. > > You would have to do some key confirmation, just like you have to click > a mail confirmation link upon subscription. > > Next problem: Mailman will have to decrypt the message and re-encrypt it > for each recipient. This also strips the signature of the original > sender.
Not necessarily, iirc. > How do you show to the recipients that the original message was > signed (in a way which cannot be forged by any other sender)? > > Generally speaking PGP support would be great, the efforts Joost and I > made about 10 years ago never made it beyond alpha (or beta at best) > stadium... ACK. Bye, Joost _______________________________________________ Mailman-Developers mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
