Re: [ilugd] PGP and mailing lists
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The Secure List Server[1], based on GNU Mailman, provides OpenPGP and S/MIME encryption support for mailing list. Following is an excerpt from site: - 88 A post will be distributed only if the PGP (or S/MIME) signature on the post is from one of the list members. For sending encrypted email, a list member encrypts to the public key of the list. The post will be decrypted and re-encrypted to the public keys of all list members. - 88- References: [1] - http://non-gnu.uvt.nl/mailman-ssls/ Ashish - -- ·-- ·- ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- -- -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkiC2eoACgkQHy+EEHYuXnQNnACgyqGY+A7UrqdJSTuSjKSq+cCX 6c0AoNqBqEGxBWInBSHQ0jwt5N2M6lLk =43CO -END PGP SIGNATURE- ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
[ilugd] PGP and mailing lists
Hi, I recently installed on pgp4win on my windows machine to encyrpt and decrypt my emails. Since Im new to this stuff I have a couple of questions: 1) Why dont services like Gmail understand PGP encrypted messages and decrypt them? Has this got something to do with export regulations on encyrption software? 2) If i send a PGP encrypted message to the mailing list with my public key in the -BEGIN PGP PUBLIC KEY BLOCK- -END PGP PUBLIC KEY BLOCK- blocks is it ok? Will a user using gmail/yahoomail be able to read my messages? If yes then how does it happen? Does the mailing list server do the decryption? If yes, does that mean I receive clear text mails even though someone wanted to send an encrypted message? My main reason for this newly accquired paranoia about email privacy is that I dont want my email admin to be reading my mails, even if they are to the mailing list. Is PGP the right thing for this? One more thing? Is it possible to encrypt the subject also? -- Puneet http://sahyog.blogspot.com/ Latest Post: javac -g ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] PGP and mailing lists
On Wednesday 16 Jul 2008, Puneet Lakhina wrote: 1) Why dont services like Gmail understand PGP encrypted messages and decrypt them? Has this got something to do with export regulations on encyrption software? Because the mail service does not have your PGP private key, which is needed for decrypting PGP-encrypted messages. And if it did, the whole point of PGP (end-user validation/privacy of messages) would be lost. 2) If i send a PGP encrypted message to the mailing list with my public key in the -BEGIN PGP PUBLIC KEY BLOCK- -END PGP PUBLIC KEY BLOCK- blocks is it ok? Will a user using gmail/yahoomail be able to read my messages? If yes then how does it happen? Does the mailing list server do the decryption? If yes, does that mean I receive clear text mails even though someone wanted to send an encrypted message? Why would you send an encrypted message to a mailing list? My main reason for this newly accquired paranoia about email privacy is that I dont want my email admin to be reading my mails, even if they are to the mailing list. Is PGP the right thing for this? Once again, if you're going to send an encrypted message to a mailing list, don't send it. Are you confused about what PGP does and why/how to use it? One more thing? Is it possible to encrypt the subject also? Theoretically, yes. Regards, -- Raju -- Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F PsyTrance Chill: http://schizoid.in/ || It is the mind that moves ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] PGP and mailing lists
On Wednesday 16 Jul 2008, Puneet Lakhina wrote: 1) Why dont services like Gmail understand PGP encrypted messages and decrypt them? Has this got something to do with export regulations on encyrption software? Raj Mathur [EMAIL PROTECTED] writes: Because the mail service does not have your PGP private key, which is needed for decrypting PGP-encrypted messages. And if it did, the whole point of PGP (end-user validation/privacy of messages) would be lost. Indeed. Plus google likes mining e-mail data, so in principle they wouldn't want to encourage storage of encrypted mail on their systems. That said, there are some plugins for firefox that let you encrypt and decrypt google mail in the browser. I am unsure if it gets past the issue of google's rather aggressive draft caching during composition though. My main reason for this newly accquired paranoia about email privacy is that I dont want my email admin to be reading my mails, even if they are to the mailing list. Is PGP the right thing for this? Maybe. Depends where the e-mail admin is in the pipeline. Maybe get a paid consultation from someone to look at the details if you are that worried. Else you'll get often get pointed to self-study such issues. Your issues may not just be solvable using pgp/gpg alone - you may need to have a good look at the processes and the reasoning behind it by a security consultant. But it depends how paranoid you are. PJ ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] PGP and mailing lists
2008/7/16 Puneet Lakhina [EMAIL PROTECTED]: 1) Why dont services like Gmail understand PGP encrypted messages and decrypt them? Has this got something to do with export regulations on encyrption software? For encrypting/decrypting messages you need access to the reciever's public key too. You can do this if you are using a pop/imap client on your desktop to retrieve emails from gmail. 2) If i send a PGP encrypted message to the mailing list with my public key in the -BEGIN PGP PUBLIC KEY BLOCK- -END PGP PUBLIC KEY BLOCK- blocks is it ok? Will a user using gmail/yahoomail be able to read my messages? If yes then how does it happen? Does the mailing list server do the decryption? If yes, does that mean I receive clear text mails even though someone wanted to send an encrypted message? Are you confused between encrypted emails and digitally signed emails? Digitally signed mails can be sent to anybody. To verify the message integrity, receivers need access to your public key - but they can still read your emails without your keys. My main reason for this newly accquired paranoia about email privacy is that I dont want my email admin to be reading my mails, even if they are to the mailing list. Is PGP the right thing for this? PGP is a good solution for end-to-end encryption. If you send encrypted mails to the list, then how would the thousands of list readers be able to decrypt the message? And what about the list archives? Anurag -- -- Anurag 0xB20A82C1 http://web.gnuer.org/blog/ ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] PGP and mailing lists
Puneet Lakhina wrote: My main reason for this newly accquired paranoia about email privacy is that I dont want my email admin to be reading my mails, even if they are to the mailing list. Is PGP the right thing for this? If you want people be not able to read your mails, then why send one to a mailing list at all? I thought mailing list were about sharing information, even in private ones it is sharing between a closed group of people. When you encrypt your mail and send it to a public mailing list, how does it serve the purpose? And, haven't seen a mailing list admin who sits and clears out every mail being sent to the list (as being one myself). They just moderate mails which look like spam or mails which are too big than the permitted size. -- --- With Regards, Parthan technofreak gpg 2FF01026 blog http://blog.technofreak.in ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] PGP and mailing lists
On Wed, Jul 16, 2008 at 17:03, Parthan SR [EMAIL PROTECTED] wrote: Puneet Lakhina wrote: My main reason for this newly accquired paranoia about email privacy is that I dont want my email admin to be reading my mails, even if they are to the mailing list. Is PGP the right thing for this? If you want people be not able to read your mails, then why send one to a mailing list at all? I thought mailing list were about sharing information, even in private ones it is sharing between a closed group of people. When you encrypt your mail and send it to a public mailing list, how does it serve the purpose? And, haven't seen a mailing list admin who sits and clears out every mail being sent to the list (as being one myself). They just moderate mails which look like spam or mails which are too big than the permitted size. I think I have got a little to confused in this paranoia. Anyway what I really wanted was that my mail admin shouldnt know what mails Im sending. So I thought of encrypting my messages. But obvioulsy this doesnt apply in a mailing list context, coz in that case even if everyone had decryption s/w installed I wouldnt know which public key to encrypt against. -- --- With Regards, Parthan technofreak gpg 2FF01026 blog http://blog.technofreak.in ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ -- Puneet http://sahyog.blogspot.com/ Latest Post: javac -g ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/