Re: On email and web security

ietf

Re: On email and web security

2016-01-02 09:38:49

To send to a mailing list, the sender must either have a copy of the list or 
the system managing the list must decrypt and re-encrypt the
message.  Neither of these is a good fit with the current email architecture.  
The former is secure but unwieldy; the latter is reasonably
efficient but breaks the desired end-to-end security.


FYI, the Sympa list manager which is widely used in Europe does the
latter, S/MIME key for the list, and the list software re-encrypts the
messages to the recipients' keys.

Given a choice between trusting the list software and trusting all of
the subscribers, that seems a reasonable way to do it.

R's,
John

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: On email and web security, Doug Royer Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, Doug Royer Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, l.wood Re: On email and web security, Steve Crocker Re: On email and web security, John Levine <= Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, Doug Barton Re: On email and web security, Phillip Hallam-Baker Re: On email and web security, Doug Barton Re: On email and web security, Dave Cridland Re: On email and web security, Doug Barton Re: On email and web security, John Levine Re: On email and web security, Doug Barton Re: On email and web security, John Levine

Previous by Date:	Re: On email and web security, Steve Crocker
Next by Date:	Re: On email and web security, Phillip Hallam-Baker
Previous by Thread:	Re: On email and web security, Steve Crocker
Next by Thread:	Re: On email and web security, Phillip Hallam-Baker
Indexes:	[Date] [Thread] [Top] [All Lists]