Hi Christian,
On 2/12/2021 5:01 AM, Mailman-admin wrote:
Hello
Am 11.02.21 um 19:24 schrieb Dennis Putnam:
Does anyone have any experience with this that can provide a review
and/or advice? TIA.
http://non-gnu.uvt.nl/mailman-pgp-smime/
1) From the site itself:
"Beware! This code has not been touched since 2010-09. Therefore, it's
mainly obsolete.
DO NOT USE THIS CODE"
2) In my experience the main problem is not to decrypt and encrypt
emails, it is to get the public keys of your users and keep your private
keys valid.
For a public encrypted mailing list server you need an S/MIME
certificate *and* an PGP certificate for each list.
That is, because you usually can not restrict users to one method or the
other, and they are not compatible.
Especially S/MIME certificates expire after some time (yearly, or up to
5 years).
Your PGP certificates should expire too, for security reasons.
You need to keep them both up to date with overlapping new certificates.
And you need to distribute their public keys to your users.
Then you need to know the preferred encryption method of each user plus
their public keys.
Those will change too, therefore you need some mechanism to get the
current one and keep them in sync.
And make sure, to never use expired ones.
Kind regards,
Christian Mack
Thanks for that info. None of it sounds insurmountable other than the
code itself. If I need a secure mailman list, is there another alternative?
--
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
