rich...@karmannghia.org writes:

 > ...I would hope that all netizens are fully aware (and obviously
 > not all are) that there is not and cannot be such a thing as "safe
 > environment for email discussions" with email as now practiced and
 > to create it requires a serious overhaul of the way email is
 > conducted.

My original point was I feel perfectly safe here on Mailman lists (of
course I am in a position to get people banned, so I am in fact safer
than the average bear, though I would not mess with a Kodiak).

 > It doesn't have to be this way: email bodies and even the
 > destination username and other parts of email headers COULD be
 > encrypted when en route via the same mechanisms as we have long used
 > for secured web sites,

True, and in fact many sites implement the en route part, it's called
mandatory TLS.  I would imagine the proposals to make traffic analysis
more difficult would apply here too.

 > and even end-to-end encryption isn't too difficult to implement,
 > and I'd lay a substantial bet that an open-sourced effort
 > harnessing the ideas of DKIM / SPF / DMARC could easily and simply
 > accomplish this.

I've thought a lot about this, it has been proposed multiple times as
a GSoC project for Mailman, and this is simply not true for mailing
lists as implemented in Mailman.  In particular, it's simply not
possible to achieve end-to-end encryption as a mailing list function.
The list has to have access to the session key to give access to that
key to subscribers, at which point you've been hacker-in-the-middle-d. 
I can imagine applications where you're willing to trust the list,
though, and if there were demand for that, I'd be willing to supervise
a GSoC student who wanted to implement it.

Note that it is certainly possible to have end-to-end encryption of
list email, but it requires that each poster have all the subscriber
keys.  I guess you could marry a keyserver with a mailing list, and if
you want to call that "end-to-end encryption via mailing list" go
ahead, but you still have to solve the problem of getting posters to
keep their keyrings up to date, so I consider that "not a mailing list
function".

And of course you only asked for security of "data in motion", but
then you've got the harder problem of securing data at rest (which
also requires cooperation from either recipients or from their MUAs --
buwhahahahaha!)

 > However, the simple (and for me painful) truth is that The Powers
 > That Be _obviously_ do not want us to have secure
 > communications. Their excuse is fear ("terrorism!") and their more
 > dominant motive is profit. It's truly as simple as that.

It's not that simple though.  While you're gonna need some *serious*
booking up before you can win that substantial bet ;-), it would be
possible (and has been done, cypherpunkery is real!).  The problem is
that we don't want it as bad as the cypherpunks did.  So far we've
been able to resist laws that require backdoors (who knows how many
backdoors are there by bribery or other skullduggery, but it's not
*legal*).  So for some things we can win.  But if we want really
secure mail, as secure as for financial networks (which aren't perfect
but they do OK), we're going to have to pay for it, and the average
bloke isn't interested.  They'd rather be outraged when their secrets
get blabbed and their brother-in-law who actually did the dirty deed
says "wasn't me, was some 400-lb-hacker-in-Mom's-basement".

 > Anyone who thinks their unencrypted emails are in any way secure on
 > the open internet is, unfortunately, SADLY mistaken.

This is true.  Security by obscurity works up to a point, but if you
ever get targeted by the FBI you're toast.

 > P.S. PERHAPS someone reading this has the energy and gumption to
 > change this?! I sure hope so! ...I've been using email for 47 years
 > now, I did my part, I tried hard, it's up to younger generations to
 > carry it forward now. But I'll be happy to assist anyone else's
 > efforts on this!

I'm not volunteering for the hacking part, but if somebody eligible
for GSoC wants to propose it, and the mentors like the proposal, I'll
mentor it.

Steve
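
The two models discussed in the reply above, as an added example that is not part of the original message and is not Mailman code: the poster wrapping one session key per subscriber key, and a trusted list that unwraps and re-wraps it. The toy Diffie-Hellman key wrap and XOR stream below are insecure stand-ins for real OpenPGP or S/MIME operations, and every name and address is hypothetical.

```python
import hashlib
import secrets

P, G = 2**255 - 19, 2   # toy DH group standing in for real public keys; NOT secure

def keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def xor_stream(data, key):
    # Toy stream cipher: XOR with a SHAKE-256 keystream derived from the key.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(session_key, pub):
    """Wrap the session key so only the holder of pub's private key can recover it."""
    e = secrets.randbelow(P - 2) + 1
    return pow(G, e, P), xor_stream(session_key, pow(pub, e, P).to_bytes(32, "big"))

def unwrap(wrapped, priv):
    eph, blob = wrapped
    return xor_stream(blob, pow(eph, priv, P).to_bytes(32, "big"))

def encrypt_post(body, keyring):
    """Poster side: one session key, wrapped once per address in the poster's keyring."""
    sk = secrets.token_bytes(32)
    return {"body": xor_stream(body, sk), "tag": hashlib.sha256(sk + body).digest(),
            "keys": {addr: wrap(sk, pub) for addr, pub in keyring.items()}}

def read_post(msg, addr, priv):
    """Recipient side: plaintext, or None when there is no usable key slot."""
    if addr not in msg["keys"]:
        return None
    sk = unwrap(msg["keys"][addr], priv)
    body = xor_stream(msg["body"], sk)
    return body if hashlib.sha256(sk + body).digest() == msg["tag"] else None

def list_reencrypt(msg, list_priv, roster):
    """Trusted-list model: the list unwraps the session key and re-wraps it per subscriber."""
    sk = unwrap(msg["keys"]["list"], list_priv)   # the list now holds the session key
    return {**msg, "keys": {a: wrap(sk, p) for a, p in roster.items()}}, sk

if __name__ == "__main__":
    alice, bob, carol, lst = keypair(), keypair(), keypair(), keypair()
    body = b"constructed sample post"
    stale = {"alice": alice[1], "bob": bob[1]}        # poster never fetched carol's key
    direct = encrypt_post(body, stale)
    print("carol, stale keyring:", read_post(direct, "carol", carol[0]))
    roster = {**stale, "carol": carol[1]}
    relayed, sk = list_reencrypt(encrypt_post(body, {"list": lst[1]}), lst[0], roster)
    print("carol, via list:", read_post(relayed, "carol", carol[0]))
    print("list reads body:", xor_stream(relayed["body"], sk) == body)
```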
------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org