Mailman-SSLS[Mailman Secure List Server -- concluded on 2009/04/01]
Currently, there is no re-encrypting mailing list manager with support for both PGP and S/MIME. Mailman is the most popular Open Source mailing list manager. The Secure List Server project "mailman-pgp-smime" aims to include OpenPGP and S/MIME support in Mailman, the GNU Mailing List Manager.
Adding re-encryption will enable groups of people to cooperate and communicate securely via email: mail can get distributed encrypted to a group of people, while the burden of managing individual keys is dealt with by the list software, not the sender. Furthermore, authentication is possible: the list server software takes care of checking this. This way, strong security for groups of people gets available for a wide audience.
This project will publish a patch for the official Mailman distribution. This patch handles both RFC 2633 (S/MIME) and RFC 2440 (OpenPGP) email messages.
A post will be distributed only if the PGP (or S/MIME) signature on the post is from one of the list members. For sending encrypted email, a list member encrypts with the public key of the list. The mailing list server will decrypted the posting and re-encrypted it with the public keys of all list members.
In order to achieve this, each list has a public and private key. (The private keys optionally protected by passphrases) Furthermore, new list settings are defined:
- gpg_postings_allowed: is it allowed to send to this list postings which are encrypted with the GPG list key?
- gpg_msg_distribution: are subscribers allowed (or even forced) to upload their GPG public key in order to receive all messages encrypted?
- gpg_post_sign: should posts be GPG signed with an acknowledged subscriber key before being distributed?
- gpg_msg_sign: should the server sign encrypted messages?
Similar settings are defined for S/MIME. Finally, each subscriber can upload her PGP and S/MIME public key using the Mailman webinterface.
- The project's own website