ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Mailing lists

2015-07-18 17:08:55
On 7/15/15 at 7:05 AM, neal(_at_)walfield(_dot_)org (Neal H. Walfield) wrote:

Encrypted mailing lists are currently difficult to do securely and
easily.  Either they trade security for usability by reencrypting mail
or they trade usability for security by requiring each poster to keep
a local list of subscribers up to date.

A long time ago I was a member of an encrypted mailing list that used PGP. Every member of the list had a copy of the private PGP key (and its password). Messages to the list were encrypted using the public key and all the legitimate list members could decrypt using their copy of the private key.

It worked quite well. When someone was dropped from the list, new keys were needed and had to be distributed, which was a disadvantage, but practically resulted in somewhat regular key changes.

There may be better solutions, but this one worked with unmodified PGP.

Cheers - Bill

---------------------------------------------------------------------------
Bill Frantz |"After all, if the conventional wisdom was working, the 408-356-8506 | rate of systems being compromised would be going down,
www.pwpconsult.com | wouldn't it?" -- Marcus Ranum

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>