Hi Noel, This is really in my ball-game, and a very interesting scenario. Unfortunately my time is a bit sparse, after leaving my secure job and starting as an independant consultant.
Do you know if any standard exists for such a scheme? --Søren -- Søren Hilmer, M.Sc., M.Crypt. wideTrail Phone: +45 25481225 Pilevænget 41 Email: [EMAIL PROTECTED] DK-8961 Allingåbro Web: www.widetrail.dk On Wed, January 4, 2006 05:11, Noel J. Bergman wrote: > For key management, I could see something like: > > - A keypair is provided to the MLM for each mailing list > - During the subscribe request handshake, the user would > sign the subscription request. > - The MLM would verify that the signature matches the e-mail > address associated with the request, sign and encrypt a > confirmation request, and send it to the requested address. > - The user would send a signed and encypted confirmation. > - The MLM would subscribe the user and public key, and send > an encrypted confirmation. > > Thereafter, the sender would send encrypted and/or signed messages, > depending upon list policy, and the list would be able to send encrypted > messages to each user. This would provide privacy of content and prevent > address spoofing, both for senders and recipients. > > --- Noel > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
