Ian Eiloart writes: > Also, what kind of secure list would have automated processing of > message content as a requirement?
Precisely, a list that wants to avoid this requirement: > If a message is gpg encrypted, then every sender would require the > public keys of every recipient, would they not? The idea is that senders use the list's public key. The list holds those public keys, and uses them to re-encrypt the message on a recipient-by-recipient basis after decrypting with its own private key. The discussion has been about how to deal with attacks on (a) the list's private key (including offline attacks on the hard drive) and on (b) the temporarily decrypted text (which could end up in the clear for a long time in a queue file or if Mailman crashes). _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9