[Gllug] mutt & gpg
Matt Amos
matt.amos at ic.ac.uk
Fri Jan 11 12:52:08 UTC 2002
On Thu, Jan 10, 2002 at 05:35:28PM -0000, Paul Brazier wrote:
> I suppose a weakness of such a setup would be the vulnerability of the
> server to someone who could physically access it and read the file that
> contains the PGP password to the server's private key. (because
> obviously it couldn't be entered interactively as for a standard user).
> So maybe totally encrypted mailing lists aren't possible?
the simplest way to do it is to have a normal mailing list and just have
every email encrypted to everyone. granted the emails would be very large
(as there would be as many sections as people on the mailing list), but it
wins on simplicity, as it requires no strange software on the server or
the clients.
if you're worried about physical access to server secrets then it is
possible to store the key in a ramdisk, so on poweroff the server
completely forgets it. and the messages can be stored on a crypted
hard-disk. unfortunately this requires someone logging in to supply the
secret (not necessarily locally) on every reboot.
finally, if the membership of the mailing list doesn't change much then you
can cut out the public-key stuff and just have everyone with the same
symmetric key. if anyone defects then you lose the security of the
system, but with regular key changes the defector would only be able to
read messages he had already read anyway.
cya,
matt
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug