Hello Mailman developers, I was planning to write a pgp-encryption plugin for Mailman 3 that manages one keypair per list and pubkeys of the subscribers. I'm considering to do it as my first-time Google Summer of Code project.
I have read the GSoC 2016 rules and the Mailman wiki GSoC 2016 pages. I will try to work myself more into the mailman-core sources the next few days and try to make an improvement (eg bugfix). About me: I have been studying computer science in germany for two and a half years. I have sent patches to some libre, mainly C and C++, projects. I have only minor experience in Python but I'm used to learning by reading documentation and sources. Feel free to mail me if you have questions. The Project Idea: Encrypted malinglists have been been a much-requested feature in mailman 2 and I would like to run some encrypted mailinglists myself. There is no stable pgp-aware mailserver at this time but there has been an unstable patch for mailman 2.1.5[1] and some other unstable encrypted list servers [2][3]). This Project could also help to evaluate the Mailman 3 plugin system. Some features could be: 1. Automatic pubkey collection from inbound mail 2. Outbound mail encryption and signature validation 3. Automatic keypair generation for pgp-aware lists 4. Inbound mail decryption and outbound mail signature 5. A mailinterface for organizing the encrypted lists, subscribers public keys and trust levels 6. A webinterface 7. PGP Information in the messages (e.g. was the incoming mail signed by a trusted subscriber?) 8. Optionally forced encryption (such a list never sends mail to an adress to which it can't encrypt with a pubkey that has a certain level of trust and/or won't accept inbound mail in plaintext) 9. Optionally forced signature (inbound mail to the list has to be signed with a key that has a certain level of trust in order to be published) 10. pgp-aware command system. (eg optionally only accept admin mail commands from signature-verified mail admins) Features 1.-5. are essential. Thoughts on Implementation: pygpgme could be used for encryption which might easily enable S/MIME as well. Keys could be stored in the filesystem or in databases using SQLAlchemy. The encryption step could be implemented as a pipeline. Encrypted lists in mailman would be great, I think I can implement the plugin myself but I will need help to ensure the reliability and security of the plugin. What are your thoughts on pgp in Mailman 3? Is this a suitable Project for the Google Summer of Code 2016? Would anyone be interested in becoming my mentor for this project? Thank you, Jonas [1]: https://non-gnu.uvt.nl/mailman-pgp-smime/ [2]: http://schleuder2.nadir.org/ [3]: http://schleuder2.nadir.org/documentation/v2.2/faq.html#index2h3 _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9