khushal via Mailman-Developers writes:

> I'm interested in the Support for Encrypted Lists idea because
> secure mailing lists and end-to-end encryption for group
> communication is a really interesting problem.

I'm sorry, I've gotten strong pushback from information security experts and have withdrawn that task. They feel that email itself has so many built-in vulnerabilities that merely bolting on encryption is likely to reduce security on balance (people will write things they should keep inside their heads). For that reason, it is extremely unlikely that the implementation would be integrated into the master branch, which is an important consideration for future participation in GSoC.

The fundamental problem in implementation is that an encrypted email channel doesn't control either end, so cannot possibly guarantee end to end encryption. The best you can do is encryption in transit, and we already have that with TLS.

There is also the extremely hard problem that in any straightforward implementation the list is a person in the middle. That implies that the host itself should be well-hardened, or you need to figure out how to distribute the session key to endpoints without informing the list manager.

Steve

-- 
GNU Mailman consultant (installation, migration, customization)
Sirius Open Source https://www.siriusopensource.com/
Software systems consulting in Europe, North America, and Japan
