On 04/27/2013 01:36 PM, Stephen J. Turnbull wrote: > without a complete redesign starting > from the assumption of encrypted messages whose plain text must > be exposed as briefly as possible.
At least one project suggests that it may be possible to operate an encrypted mailing list such that the automated remailing daemon does not have any access to the cleartext body of the messages, and the mailing list members don't need to do any key management of other members of the list. SELS does this through some interesting cryptographic techniques, and was actually built on top of unmodified mailman, afaict: http://sels.ncsa.illinois.edu/ If you're interested in looking for ways that mailman could provide list members with message content protection even in the face of an exploitable bug in mailman itself, this might be an interesting approach to consider (e.g. perhaps SELS could be revived and integrated directly). for the record: I have never run an SELS server, and have never read the code. I just think it's an interesting idea. just a thought, --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9