If you need a truly secure contact method why not run a micro forum and use SSL instead? You could install LAMP and phpBB and then manually approve sign ups and use complex permissions. On Aug 21, 2013 9:31 AM, "Griffin Boyce" <[email protected]> wrote:
> On 08/21/2013 03:44 AM, Matej Kovacic wrote: > > All mail sent to the list should then be encrypted (recipient is mailing > > list address and user has it's public GPG key). Mailing list would then > > decrypt it, and deliver that message to it's users encrypted and signed. > > Well, it may offer some benefit if you (as a subscriber) don't trust > your email provider. But it's not that useful if you don't trust the > mailing list server. Even if you're sending your mail encrypted to the > server, the server then would need to decrypt it before encrypting it to > the recipients. It also doesn't protect against someone you don't trust > being added to the mailing list (thereby getting all emails) or someone > on the mailing list sending mails outside or betraying people (which > never happens). > > tl;dr: Might be okay in some threat models, doesn't work in others. > ;-) Good for people who are trying to emphasize the active use of GPG. > People who cross borders frequently are better served by full-disk > encryption. > > best, > Griffin > > -- > "Cypherpunks write code not flame wars." --Jurre van Bergen > #Foucault / PGP: 0xAE792C97 / OTR: [email protected] > > My posts, while frequently amusing, are not representative of the thoughts > of my employer. > > -- > tor-talk mailing list - [email protected] > To unsusbscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
