On Tue, Jun 16, 2009 at 12:42:22PM -0500, Derek Martin wrote: > On Tue, Jun 16, 2009 at 08:18:28AM -0600, Richard Johnson wrote: > > The people behind the address (it's an email reflector) all have their own > > gpg and pgp keys [1]. > > The best way to handle this is to have the e-mail reflector do it. > The e-mail reflector should provide a public key to which you encrypt > the mail, then it decrypts and re-encrypts to all the subscribers. > The "best" part of this is that the subscribers don't need to have > everyone else's keys. > One such list management software is here: > http://www.synacklabs.net/projects/crypt-ml/
Yes, I've looked at such methods. However, that technique in general doesn't match our security requirements. We need end-to-end trust between mutually shared keys, without a man in the middle. That's why I'm trying to get mutt to do the kind of encryption to multiple keys for a single address that everyone else on the team does in Thunderbird with Enigmail <grin>. Richard