On 13-05-09 11:17 AM, Daniel Kahn Gillmor wrote:
I'm imagining a first phase ("message authentication") would not expect or handle encrypted messages, but would just use cryptographic signatures to verify the authenticity of origin of the incoming message, enhancing (and/or replacing) some of the current checks mailman uses to decide if a message should be passed on to the list.Then the second phase ("encrypted messages") would address the possibility of having encrypted message content. I'm not a mailman developer; but I'd be curious to hear what mailman devs think of this breakdown.
Nice timing! This is *exactly* what a few of Mailman devs who are awake were talking about on IRC an hour or two ago. Re-organizing like this would be a great way to make sure that openPGP as a GSoC project can have a useful but smaller scale first goal, leaving full encryption as more of a stretch goal, which might work better for the GSoC timeline.
Terri _______________________________________________ Mailman-Developers mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
