On 7/18/15 at 7:28 PM, phill(_at_)hallambaker(_dot_)com (Phillip
Hallam-Baker) wrote:
There are two basic ways a dropbox type scheme can be made to work with
standard public key
* There is a shared public key and everyone knows the private key. This is
changed each time a person drops off the list.
This approach will probably scale to reasonable levels. When it
gets to when you are sending out new keys several times a day,
then batching the drops may be a viable solution.
* Each person has an individual public key pair and the mailing list is
encrypted and sent out to each of them.
This approach has real scaling problems. Assume the mailing list
software does the encryption. When you get a large list, then
the CPU load of encrypting the symmetric key to each member will
be quite high. The alternative seems to be to have the sender do
the encryption, but then every list member needs to have every
other's public key and a smart phone may be completely overwhelmed.
So the question is, how large a list do we need to support? The
practical high water mark may come with a large organization
that needs a mailing list for all its members. The internal
mailing list of a corporation with 100,000 employees may be a
good example. Of course, a secret which that many people know
isn't very secret.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | "The only thing we have to | Periwinkle
(408)356-8506 | fear is fear itself." - FDR | 16345
Englewood Ave
www.pwpconsult.com | Inaugural address, 3/4/1933 | Los Gatos,
CA 95032
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp