From: D.den Otter (neosapient@geocities.com)
Date: Mon Nov 22 1999 - 07:38:38 MST
----------
> From: Eliezer S. Yudkowsky <sentience@pobox.com>
> Does anyone know of a mailing-list program that can operate securely in
> a not-too-inconvenient way? An example might be a mailing list program
> that can decrypt PGP messages sent to it, re-encrypt the message with
> the public PGP keys of the recipient list, and send each recipient a
> message encrypted with vis key.
Something like this?
http://www.petidomo.com/
Petidomo supports fully encrypted mailing lists, using the well-known
encryption programm Pretty Good Privacy (PGP).
From: http://www.petidomo.com/manual/node9.html
8.2 PGP-encrypted mailing lists at
"Another very useful feature of the posting filter and the access
control languange is the ability to maintain encrypted mailing lists.
The idea is very simple: You create a PGP key pair for your mailing list
and spread the public key among the subscribers of your mailing list. In
turn you collect their public keys and store them on the mailing list
server.
Whenever a subscriber wants to post an article to the mailing list, he
will encrypt it with the public key of the list server before
transferring it through the Internet. Petidomo will then receive the
mail, decrypt and process it and encrypt it again, with the public keys
of the subscribers. Once encrypted again, the mail is distributed to the
readers.
Please note that at no time the mail was sent through the Internet in
clear text. Hence this mode is well-suited for maintaining internal
discussion lists for, say, software development among a few people who
know each other but live spread throughout the world. Included in the
distribution are two scripts, pgp-encrypt.sh and pgp-decrypt.sh, which
realize this. The setup needs a bit of work, but once you understand the
principle, it is rather easy. Just follow the steps described below".
Etc.
Another related link
http://www.icdc.com/~paulwolf/pgplists.htm
"The first thing for you to do is to generate
another pair of keys - these will be the master keys. Next, send
copies of both of keys to everyone on the list, using your newfound
encryption technology. Sending keys in the mail may sound like a
dangerous idea, but because your friends all have their own sets of
keys, you can use their personal public keys to encrypt the master keys
for the list and send the master keys securely to each of the members.
Now everyone has an identical pair of master keys, and they've never
even met face to face. These keys are in addition to their own
personal keys, which they can use for personal encrypted mail.
Emails sent to the mailing list are encrypted by the public master
key and broadcast to the list members, who use the private master
key to decode them. This is a perfect information security system,
as long as no one's computer gets bagged."
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:05:50 MST