On 04/11/2013 09:13 AM, Stefan Schlott wrote:
> True, the PGP file structure encapsulates the signature within the
> encryption (in contrast to S/MIME, which does it vice versa). But the
> standard PGP binary will strip both in one step, so keeping the
> signature won't work out of the box (at least I didn't manage to do
> that, I'd be really interested how to do that - would be useful for
> searchable mail archives).

It's certainly possible within the OpenPGP spec to have the mailing list software decrypt its Encrypted Session Key (ESK) OpenPGP packet from an encrypted message, and then add a new ESK packet (or replace the old one) for each list subscriber. IIUC, this should leave the original message's signature intact.

Whether any of the various OpenPGP-related toolkits that are readily available for python are capable of doing these operations is another matter.

If you're playing with this stuff, i recommend reading the OpenPGP RFC, which actually describes how all the data fits together:

 https://tools.ietf.org/html/rfc4880

you may also be interested in the PGP/MIME spec, which concerns how to format OpenPGP within an e-mail:

 https://tools.ietf.org/html/rfc3156

Note that the design proposed in this thread is similar to the schleuder2 design, though schleuder doesn't preserve the original signer's signature either, but substitutes it with a message signature from the mailing list itself.

This design also exposes the content of each message to the mailing list software itself. There are other architectures that make it so the mailing list software never actually gets to see the content of the message (see PSELS for an example).

--dkg
_______________________________________________
Mailman-Developers mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
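
The packet-level operation described in the reply above, as an added example (not code from the thread, Mailman or schleuder): it splits a binary OpenPGP message into RFC 4880 packets and swaps the public-key ESK packets while copying the encrypted data packet, which holds the signature, byte for byte. The function names and sample bytes are constructed here, and the replacement ESK bodies are assumed to be produced elsewhere by re-encrypting the same session key to each subscriber's key.

```python
import struct

PKESK, SEIPD = 1, 18  # RFC 4880 tags: public-key ESK, integrity-protected encrypted data

def _new_len(buf, i):
    """Decode a new-format length at buf[i] -> (length, next_index, is_partial)."""
    o = buf[i]
    if o < 192:
        return o, i + 1, False
    if o < 224:
        return ((o - 192) << 8) + buf[i + 1] + 192, i + 2, False
    if o == 255:
        return struct.unpack(">I", buf[i + 1:i + 5])[0], i + 5, False
    return 1 << (o & 0x1F), i + 1, True  # partial body length chunk

def split_packets(buf):
    """Return [(tag, raw_packet_bytes)] for a binary (de-armored) OpenPGP message."""
    out, i = [], 0
    while i < len(buf):
        start, hdr = i, buf[i]
        if not hdr & 0x80:
            raise ValueError("no packet header at offset %d" % i)
        if hdr & 0x40:  # new-format header
            tag, i, partial = hdr & 0x3F, i + 1, True
            while partial:  # a packet may be a run of partial chunks
                n, i, partial = _new_len(buf, i)
                i += n
        else:  # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
            if ltype == 3:  # indeterminate length: runs to end of data
                i = len(buf)
            else:
                width = 1 << ltype
                i += 1 + width + int.from_bytes(buf[i + 1:i + 1 + width], "big")
        if i > len(buf):
            raise ValueError("truncated packet")
        out.append((tag, buf[start:i]))
    return out

def new_packet(tag, body):
    """Serialize with a new-format header and five-octet length."""
    return bytes([0xC0 | tag, 0xFF]) + struct.pack(">I", len(body)) + body

def rewrap(buf, subscriber_esk_bodies):
    """Replace all PKESK packets; every other packet is copied byte for byte."""
    rest = b"".join(raw for tag, raw in split_packets(buf) if tag != PKESK)
    return b"".join(new_packet(PKESK, b) for b in subscriber_esk_bodies) + rest

# Constructed sample: opaque placeholder bodies, not real ciphertext.
SAMPLE = new_packet(PKESK, b"esk-for-list-key") + new_packet(SEIPD, b"\x01opaque-ciphertext")
```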
