Calls: Send in your ideas. Deadline April 1, 2024

Last update: 2008-09-14

Grant
End: 2009-01

Mailman-SSLS

openPGP and S/MIME support in mailman

Currently, there is no re-encrypting mailing list manager with support for both PGP and S/MIME. Mailman is the most popular Open Source mailing list manager. The Secure List Server project "mailman-pgp-smime" aims to include OpenPGP and S/MIME support in Mailman, the GNU Mailing List Manager.

Adding re-encryption will enable groups of people to cooperate and communicate securely via email: mail can get distributed encrypted to a group of people, while the burden of managing individual keys is dealt with by the list software, not the sender. Furthermore, authentication is possible: the list server software takes care of checking this. This way, strong security for groups of people gets available for a wide audience.

Technical specification

This project will publish a patch for the official Mailman distribution. This patch handles both RFC 2633 (S/MIME) and RFC 2440 (OpenPGP) email messages.

A post will be distributed only if the PGP (or S/MIME) signature on the post is from one of the list members. For sending encrypted email, a list member encrypts with the public key of the list. The mailing list server will decrypted the posting and re-encrypted it with the public keys of all list members.

In order to achieve this, each list has a public and private key. (The private keys optionally protected by passphrases) Furthermore, new list settings are defined:

  • gpg_postings_allowed: is it allowed to send to this list postings which are encrypted with the GPG list key?
  • gpg_msg_distribution: are subscribers allowed (or even forced) to upload their GPG public key in order to receive all messages encrypted?
  • gpg_post_sign: should posts be GPG signed with an acknowledged subscriber key before being distributed?
  • gpg_msg_sign: should the server sign encrypted messages?

Similar settings are defined for S/MIME. Finally, each subscriber can upload her PGP and S/MIME public key using the Mailman webinterface.