Hi Jonas,

On 27 February 2016 at 10:35, Jonas <jo...@openmailbox.org> wrote:

> Hello Mailman developers,
>
> I was planning to write a pgp-encryption plugin for Mailman 3 that
> manages one keypair per list and pubkeys of the subscribers.
> I'm considering doing it as my first-time Google Summer of Code project.
>

Welcome!

>
> I have read the GSoC 2016 rules and the Mailman wiki GSoC 2016 pages.
> I will try to work myself more into the mailman-core sources the next
> few days and try to make an improvement (e.g. bugfix).
>
> About me:
> I have been studying computer science in Germany for two and a half
> years. I have sent patches to some libre, mainly C and C++, projects. I
> have only minor experience in Python but I'm used to learning by reading
> documentation and sources.
> Feel free to mail me if you have questions.
>
> The Project Idea:
> Encrypted mailinglists have been a much-requested feature in mailman
> 2 and I would like to run some encrypted mailinglists myself.
> There is no stable pgp-aware mailserver at this time but there has been
> an unstable patch for mailman 2.1.5[1] and some other unstable encrypted
> list servers [2][3]. This Project could also help to evaluate the
> Mailman 3 plugin system.
>
>

If you don't know, I worked on this project some time back in GSoC 2013. The current state of that project is not very good and probably needs a *lot* of rebasing. I have been thinking about revisiting the project, but haven't been able to.

I don't mind another GSoC for the same project if you can put up a proposal that would land the project in a better end state than I did ;-).

Here is a link[1] to discussions that have already been done before on this idea. Please read it carefully as there has been a pretty extensive discussion on the security model and usability of such an implementation.

I have a few small questions/doubts about your features below...

> Some features could be:
> 1. Automatic pubkey collection from inbound mail
>

What happens if I send a forged email with some user's email address as FROM and use a fake key? Automatic public key collection isn't a very good idea, you should be *very* careful about how you handle public keys.

> 2. Outbound mail encryption and signature validation
>

I would suggest you keep encryption as a part of extended goals in case of GSoC. You'd be surprised how many students are not able to finish their proposal in time. I don't say they did not do good work, just that they did not make a good estimate of their time, which is a good skill one should have.

> 3. Automatic keypair generation for pgp-aware lists
>

Just to let you know, generating keys in virtual environments is not that easy due to less available randomness as compared to PCs.

> 4. Inbound mail decryption and outbound mail signature
>

Can you elaborate on this? Shouldn't both be working differently? Encrypted emails distributed as encrypted email and signed email distributed as signed.

> 5. A mailinterface for organizing the encrypted lists, subscribers
> public keys and trust levels

I would like to know more on how you plan to do this.

> 6. A webinterface
>

Can be integrated in Postorius (Mailman 3's default web UI)

> 7. PGP Information in the messages (e.g. was the incoming mail signed
> by a trusted subscriber?)
> 8. Optionally forced encryption (such a list never sends mail to an
> address to which it can't encrypt with a pubkey that has a certain
> level of trust and/or won't accept inbound mail in plaintext)
> 9. Optionally forced signature (inbound mail to the list has to be
> signed with a key that has a certain level of trust in order to be
> published)
> 10. pgp-aware command system. (e.g. optionally only accept admin mail
> commands from signature-verified mail admins)
>
> Features 1.-5. are essential.
>
> Thoughts on Implementation:
> pygpgme could be used for encryption which might easily enable S/MIME as
> well. Keys could be stored in the filesystem or in databases using
> SQLAlchemy. The encryption step could be implemented as a pipeline.
>
>
> Encrypted lists in mailman would be great, I think I can implement the
> plugin myself but I will need help to ensure the reliability and
> security of the plugin.
>
> What are your thoughts on pgp in Mailman 3?
>
> Is this a suitable Project for the Google Summer of Code 2016?
>

I think so.

> Would anyone be interested in becoming my mentor for this project?
>

I can, depending on your application.

>
>
> Thank you,
> Jonas
>
>
> [1]: https://non-gnu.uvt.nl/mailman-pgp-smime/
> [2]: http://schleuder2.nadir.org/
> [3]: http://schleuder2.nadir.org/documentation/v2.2/faq.html#index2h3
> _______________________________________________
> Mailman-Developers mailing list
> Mailman-Developers@python.org
> https://mail.python.org/mailman/listinfo/mailman-developers
> Mailman FAQ: http://wiki.list.org/x/AgA3
> Searchable Archives:
> http://www.mail-archive.com/mailman-developers%40python.org/
> Unsubscribe:
> https://mail.python.org/mailman/options/mailman-developers/raj.abhilash1%40gmail.com
>
> Security Policy: http://wiki.list.org/x/QIA9
>

--
thanks,
Abhilash Raj
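
The forged-From concern raised in the reply above, worked through as an added example (not code from this thread, from Mailman, or from the GSoC 2013 project): a key seen in inbound mail is only recorded as pending and becomes active when a one-time token mailed to the subscribed address comes back. `KeyRegistry`, its methods, the fingerprints and the sample message are hypothetical and constructed for illustration; extracting the fingerprint from the attached key is assumed to happen elsewhere.

```python
import hashlib
import hmac
import secrets
from email import message_from_string
from email.utils import parseaddr

# Constructed sample data: fingerprints and message are made up for this example.
GENUINE_FPR = "A" * 40
OFFERED_FPR = "B" * 40
FORGED_MAIL = "From: Alice <alice@example.org>\nSubject: hi\n\nkey attached\n"


class KeyRegistry:
    """Hypothetical store binding subscriber addresses to key fingerprints."""

    def __init__(self):
        self.confirmed = {}  # address -> fingerprint the list encrypts to
        self.pending = {}    # address -> (fingerprint, sha256 of token)

    def offer_from_mail(self, raw_message, fingerprint):
        """Record a key seen in inbound mail as pending; never activate it.

        Returns a one-time token for the caller to mail to the address
        (ideally encrypted to the offered key), or None if nothing changes.
        """
        header = message_from_string(raw_message)["From"] or ""
        addr = parseaddr(header)[1].lower()
        if not addr or self.confirmed.get(addr) == fingerprint:
            return None
        token = secrets.token_urlsafe(16)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self.pending[addr] = (fingerprint, digest)
        return token

    def confirm(self, addr, token):
        """Activate the pending key only if the mailed token comes back."""
        addr = addr.lower()
        fingerprint, digest = self.pending.get(addr, (None, ""))
        supplied = hashlib.sha256(token.encode()).hexdigest()
        if fingerprint is None or not hmac.compare_digest(supplied, digest):
            return False
        del self.pending[addr]
        self.confirmed[addr] = fingerprint
        return True
```

The From header alone never changes which key the list encrypts to; only a party that receives mail at the subscribed address can complete the binding.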