NAH6 Secure List patch: GPG plugin

Bug #558006 reported by rop
This bug affects 1 person
Affects      Status  Importance  Assigned to  Milestone
GNU Mailman  New     Medium      Unassigned

Bug Description

"NAH6 Secure List" is a patch for Mailman 2.1b5 that
adds GPG functionality. It is built around a key-scheme
that allows an admin to create an encrypted list for
which even the server operator doesn't have access to
the messages.

Only the public key for the list is given to the server, so
it can perform 'emergency encryption' in case someone
forgets, and all users get the public and private key for
the list.

We think we've done a decent job of describing the new
functionality from server-operator, list-admin and list-
member points of view. There's also a technical
document for those familiar with the Mailman code.
Please have a look at:

http://www.nah6.com/products/secure-list/

and follow the links from there.

We feel more people need this, and we'd really like it to
be part of the Mailman distribution at some point...

Kind Regards,

Rop Gonggrijp
Joshua Eichen

Please forgive mangling the Mailman logo on the site: if
y'all don't like it or think it's over the top we'll use
something else....
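
As an added illustration of the 'emergency encryption' step in the description above (not code from the NAH6 patch or from Mailman): one way a server holding only the list public key could decide whether a post arrived in cleartext. The function names and sample messages are assumptions constructed for this example, and the encryption call itself is left out.

```python
# Added example, not NAH6/Mailman code: all names and samples are constructed.
import email
from email.message import Message

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"

def is_pgp_mime(msg: Message) -> bool:
    """RFC 3156 encrypted mail: multipart/encrypted, protocol=application/pgp-encrypted."""
    if msg.get_content_type() != "multipart/encrypted":
        return False
    proto = msg.get_param("protocol")
    return isinstance(proto, str) and proto.lower() == "application/pgp-encrypted"

def is_fully_armored(body: str) -> bool:
    """True only when the whole body is one armored block, so ciphertext
    followed by a cleartext remark is not passed through as 'encrypted'."""
    body = body.strip()
    return body.startswith(ARMOR_BEGIN) and body.endswith(ARMOR_END)

def needs_emergency_encryption(raw: str) -> bool:
    """Decide whether the server should encrypt to the list public key."""
    msg = email.message_from_string(raw)
    if is_pgp_mime(msg):
        return False
    if msg.is_multipart():
        return True  # any other multipart carries cleartext parts
    payload = msg.get_payload(decode=True) or b""
    # Armor is pure ASCII, so a lossy ASCII decode is enough for the check.
    return not is_fully_armored(payload.decode("ascii", errors="replace"))

# Constructed sample posts (ciphertext bodies are placeholders, not real PGP data).
HDR = "From: member@example.org\nTo: list@example.org\nSubject: test\n"
ARMOR = ARMOR_BEGIN + "\n\nQ09OU1RSVUNURUQ=\n" + ARMOR_END + "\n"
CLEARTEXT = HDR + "\nMeeting moved to noon.\n"
INLINE_PGP = HDR + "\n" + ARMOR
MIXED = HDR + "\n" + ARMOR + "\nPS: the door code is unchanged.\n"
PGP_MIME = (HDR + 'Content-Type: multipart/encrypted; boundary="b";\n'
            ' protocol="application/pgp-encrypted"\n\n'
            "--b\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
            "--b\nContent-Type: application/octet-stream\n\n" + ARMOR + "--b--\n")

if __name__ == "__main__":
    for name in ("CLEARTEXT", "INLINE_PGP", "MIXED", "PGP_MIME"):
        print(name, needs_emergency_encryption(globals()[name]))
```

The check fails closed: a signed-only post, or an armored block with cleartext appended, is treated as needing encryption.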

rop (rop) wrote :

The file secure-list-10-21b5.patch was added: v1.0 of the Secure List patch for Mailman 2.1b5

bwarsaw (bwarsaw) wrote :

Logged In: YES
user_id=12800

The logo's fine (plus the original is free software).

I'm deferring this until after MM2.1 because we're about
ready for the first release candidate.

rop (rop) wrote :

The file secure-list-10-21b6.patch was added: Patch For Mailman 2.1 Beta 6

rop (rop) wrote :

The file secure-list-11-21b6.patch was added: v1.1 of the Secure List patch for Mailman 2.1b6

rop (rop) wrote :

The file secure-list-10-21.patch was added: v1.0 of the Secure List patch for Mailman 2.1

twouters (twouters) wrote :

Logged In: YES
user_id=34209

I'm looking at this patch, but I'm a bit confused. Which is
the newer patch, v1.0 for Mailman 2.1 (uploaded last) or
v1.1 for Mailman 2.1b5 (which is linked to from the NAH6
secure-list page)?

Otherwise, the patch looks okay. There are some whitespace
issues, and the PGP specific options aren't properly
internationalized, but that can all be fixed. The patch
edits Defaults.py, but it should be Defaults.py.in (if you
want to apply to CVS before installation, anyway.) Oh, and a
'global' statement for DETAILS in the global namespace
really isn't necessary... Do you need someone to come over
and give a Python tutorial at NAH6? :-)

Assigning to myself so I don't forget it; if someone else
wants it, that's fine by me.

pcarr (pcarr) wrote :

Logged In: YES
user_id=710070

The problem with the NAH approach is that every time a
member leaves the list, the administrator needs to generate
and distribute a new key, and every remaining member would
have to remove the old list key and replace it with the new
one. This could become a logistical nightmare, and makes it
more difficult to sell this capability to a group that has
people who are email savvy, but not necessarily pgp-savvy.

I prefer the approach in patch #645297, recognizing that the
task there is to maintain strict security of the server and
the secret keys of the lists.

rop (rop) wrote :

The file secure-list-10-212.patch was added: v1.0 of the Secure List patch for Mailman 2.1.2

s0undt3ch (s0undt3ch-users) wrote :

Logged In: YES
user_id=927681

+1 for this patch
