On 04/27/2013 12:45 PM, Stephen J. Turnbull wrote:
> Stefan Schlott writes:
>
>  > 2. Your list has elevated security requirements. In this case, you can
>  > use gpg-agent to manage the secret key (and its passphrase).
>
> I don't understand what threat you propose to address in this way.
> It's true that you can prevent the attacker from getting access to the
> key (using agent forwarding or a token, it need not be on the exposed
> host at all), but we're assuming he has access to the host and the
> Mailman process.

If mailman is storing messages on-disk in an encrypted form, Stefan's
proposal mitigates the threat of an adversary with offline access to the
disk (e.g. in the event of server theft or seizure) -- no additional
message content will be revealed if such an adversary scrapes the
contents of the disk.
--dkg
_______________________________________________
Mailman-Developers mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
