Patches item #646989, was opened at 2002-12-02 16:07 Message generated for change (Comment added) made by s0undt3ch You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=300103&aid=646989&group_id=103
Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: list administration Group: Mailman 2.2 / 3.0 Status: Open Resolution: None Priority: 6 Submitted By: Rop Gonggrijp (rop) Assigned to: Thomas Wouters (twouters) Summary: NAH6 Secure List patch: GPG plugin Initial Comment: "NAH6 Secure List" is a patch for Mailman 2.1b5 that adds GPG functionality. It is built around a key-scheme that allows an admin to create an encrypted list for which even the server operator doesn't have access to the messages. Only the public key for the list is given to the server, so it can perform 'emergency encryption' in case someone forgets, and all users get the public and private key for the list. We think we've done a decent job of describing the new functionality from server-operator, list-admin and list- member points of view. There's also a technical document for those familiar with the Mailman code. Please have a look at: http://www.nah6.com/products/secure-list/ and follow the links from there We feel more people need this, and we'd really like it to be part of the Mailman distribution at some point... Kind Regards, Rop Gonggrijp Joshua Eichen Please forgive mangling the Mailman logo on the site: if y'all don't like it or think it's over the top we'll use something else.... ---------------------------------------------------------------------- Comment By: Pedro Algarvio (s0undt3ch) Date: 2006-10-13 02:06 Message: Logged In: YES user_id=927681 +1 for this patch ---------------------------------------------------------------------- Comment By: Pat Carr (pcarr) Date: 2003-06-21 03:23 Message: Logged In: YES user_id=710070 The problem with the NAH approach is that every time a member leaves the list, the administrator needs to generate and distribute a new key, and every remaining member would have to remove the old list key and replace it with the new one. This could become a logistical nightmare, and makes it more difficult to sell this capability to a group that has people who are email savvy, but not necessarily pgp-savvy. I prefer the approach in patch #645297, recognizing that the task there is to maintain strict security of the server and the secret keys of the lists. ---------------------------------------------------------------------- Comment By: Thomas Wouters (twouters) Date: 2003-03-10 16:16 Message: Logged In: YES user_id=34209 I'm looking at this patch, but I'm a bit confused. Which is the newer patch, v1.0 for Mailman 2.1 (uploaded last) or v1.1 for Mailman 2.1b5 (which is linked to from the NAH6 secure-list page.) Otherwise, the patch looks okay. There are some whitespace issues, and the PGP specific options aren't properly internationalized, but that can all be fixed. The patch edits Defaults.py, but it should be Defaults.py.in (if you want to apply to CVS before installation, anyway.) Oh, and a 'global' statement for DETAILS in the global namespace really isn't necessary... Do you need someone to come over and give a Python tutorial at NAH6 ? :-) Assigning to myself so I don't forget it; if someone else wants it, that's fine by me. ---------------------------------------------------------------------- Comment By: Barry A. Warsaw (bwarsaw) Date: 2002-12-12 04:01 Message: Logged In: YES user_id=12800 The logo's fine (plus the original is free software). I'm defering this until after MM2.1 because we're about ready for the first release candidate. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=300103&aid=646989&group_id=103 _______________________________________________ Mailman-coders mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-coders
