On 01/13/2016 12:23 AM, Dave Cridland wrote:
When senders send to the proxy, they're encrypting in a special way
which means that the proxy can't decrypt; instead it can only re-key the
message to each member. The proxy also cannot add other keys (including
its own), so cannot just add itself as a member and decrypt the result.
Members receive the message, and thanks to the crypto-fairies, they see
it as signed by the sender. I like to think of this as a special-case of
homomorphic encryption, but only so I can sound like I know what I'm
talking about.
I don't see any way that this could work using PGP, but I confess I
don't know enough about S/MIME to know if it could be done using it or not.
Doug