Hi,
I want to discuss about secure mailing list service using OpenPGP.
I have developed a secure mailing list service by extending an existing
mailing list server, FML 2.2 (see
http://www.sapporo.iij.ad.jp/staff/fukachan/href/fml/index-e.html). The
patch to the original source code will be released in a few weeks.
Using this extention, a member of a secure mailing list service can sends a
message encrypted to the public key of the server, and the destribution of
the message is also encrypted. The server decrypts the message and encrypts
to the all public keys of the members of the list. Then the server delivers
the re-encrypted message to the members.
In the current implementaiton, the server clips a message from an armor
header line, BEGIN PGP MESSAGE to an armor trailer line, END PGP MESSAGE,
and pipes the clipped message to decrypt and encrypt programs, then replaces
the original message with the re-encrypted one. The server also adds a
signature when re-encrypting to identify the mailing list server.
One problem in this implementation is authentication of the original message
sender. The server removes original sender's signature attached to an
encrypted message when replacing an original message with the re-encrypted
message. This is because PGP decrypt program, pgpv, strips the signature
when it decrypts the message.
Another problem is comformance to OpenPGP/MIME specification proposed by
K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using
'Encrypted-then-Signed' service, the current implementation replace the
inner multipart/encrypted MIME object and this makes impossible to verify
the signature in the outer multipart/signed MIME object.
Currently, I don't have the solutions for these problems. I'm just starting
to grapple with them. I will welcome to your comments.
[OpenPGP/MIME] K.Yamamoto. MIME Security with OpenPGP. Internet Draft. Dec,
1998.
--- Masahiro Morita, NTT Information Sharing Platform Laboratories.