ietf-openpgp

Re: [openpgp] Mailing lists

2015-07-19 08:54:16
On Sun, Jul 19, 2015 at 9:39 AM, Bill Frantz <frantz(_at_)pwpconsult(_dot_)com> wrote:

On 7/18/15 at 7:28 PM, phill(_at_)hallambaker(_dot_)com (Phillip Hallam-Baker) wrote:

There are two basic ways a dropbox type scheme can be made to work with
standard public key

* There is a shared public key and everyone knows the private key. This is
changed each time a person drops off the list.


This approach will probably scale to reasonable levels. When it gets to
when you are sending out new keys several times a day, then batching the
drops may be a viable solution.


At some point though, the process of dropping the new keys becomes
equivalent to a cloud service with knowledge of the content and we lose end
to end.




* Each person has an individual public key pair and the mailing list is
encrypted and sent out to each of them.


This approach has real scaling problems. Assume the mailing list software
does the encryption. When you get a large list, then the CPU load of
encrypting the symmetric key to each member will be quite high. The
alternative seems to be to have the sender do the encryption, but then
every list member needs to have every other's public key and a smart phone
may be completely overwhelmed.

So the question is, how large a list do we need to support? The practical
high water mark may come with a large organization that needs a mailing
list for all its members. The internal mailing list of a corporation with
100,000 employees may be a good example. Of course, a secret which that
many people know isn't very secret.


100,000 subscribers does not need to be end to end. There is no security
advantage, there is a huge cost.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
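
Added example, not part of the original thread: a sketch of the second scheme discussed above (one key pair per member), showing that the body is encrypted once while the session key is wrapped once per member, so public-key work and header size grow with the list. The names seal, open_post and header_bytes, the member names and the message layout are assumptions made for illustration; this is RSA-OAEP plus AES-256-GCM from Ruby's OpenSSL binding, not OpenPGP packet format.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Encrypt the body once with AES-256-GCM, then wrap the session key once per
# member. Only the wrapping step depends on how many members the list has.
def seal(body, members)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  key = c.random_key
  nonce = c.random_iv
  c.auth_data = ''
  ciphertext = c.update(body) + c.final
  wrapped = members.transform_values { |pub| pub.public_encrypt(key, OAEP) }
  { nonce: nonce, tag: c.auth_tag, body: ciphertext, wrapped: wrapped }
end

# A member recovers the session key from their own wrapped copy only.
def open_post(post, name, private_key)
  blob = post[:wrapped].fetch(name) { raise KeyError, "#{name} is not on the list" }
  d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  d.key = private_key.private_decrypt(blob, OAEP)
  d.iv = post[:nonce]
  d.auth_tag = post[:tag]
  d.auth_data = ''
  d.update(post[:body]) + d.final
end

# Bytes of wrapped session keys carried by one post (256 per RSA-2048 member).
def header_bytes(post)
  post[:wrapped].values.sum(&:bytesize)
end

# Constructed sample: three hypothetical members with fresh RSA-2048 keys.
KEYS = %w[alice bob carol].to_h { |n| [n, OpenSSL::PKey::RSA.new(2048)] }
MEMBERS = KEYS.transform_values(&:public_key)
POST = seal('Agenda for Monday', MEMBERS)
puts "#{POST[:wrapped].size} wraps, #{header_bytes(POST)} header bytes"
```

Dropping a member in this scheme only means leaving their public key out of the next call to seal; no other member's key changes.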