ietf-openpgp

Re: [openpgp] Mailing lists

2015-07-18 17:55:14
Hi,

Thanks for your thoughts, I appreciate them.

At Sat, 18 Jul 2015 15:09:03 -0700,
Bill Frantz wrote:

> On 7/15/15 at 7:05 AM, neal(_at_)walfield(_dot_)org (Neal H. Walfield) wrote:
>
> > Encrypted mailing lists are currently difficult to do securely and
> > easily.  Either they trade security for usability by reencrypting mail
> > or they trade usability for security by requiring each poster to keep
> > a local list of subscribers up to date.
>
> A long time ago I was a member of an encrypted mailing list that used
> PGP. Every member of the list had a copy of the private PGP key (and
> its password). Messages to the list were encrypted using the public
> key and all the legitimate list members could decrypt using their copy
> of the private key.
>
> It worked quite well. When someone was dropped from the list, new keys
> were needed and had to be distributed, which was a disadvantage, but
> practically resulted in somewhat regular key changes.
>
> There may be better solutions, but this one worked with unmodified
> PGP.

Yes, I think this is a reasonable solution, but it's not easy to use.

The solution I propose is easy to use and it is largely backwards
compatible.

  - Only posters need to understand the new format; subscribers just
    decrypt as usual.

  - If a poster encrypts using the mailing list's key, the admin can
    always decrypt and reencrypt.  Depending on the security
    requirements, this can be completely or partially automated.

Thanks!

Neal

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
