John,

Please understand, I'm not talking about public mailing lists. The task is to set up a closed, private, secure mailing list for a limited number of individuals.

Let's simplify the problem:

1. Mail Server has the encryption key for each Mailing List it handles.
2. Outbound mail is encrypted using Mailing List encryption key.
3. Subscribers decrypt emails from the mailing list using Mailing List provided encryption key.
4. Subscriber sends an email to the list encrypted with its own encryption key (call it private key or whatever).
5. Mail Server decrypts inbound mail from the subscriber using subscriber's key stored in its database.
6. Mail Server encrypts outbound mail using Mailing List encryption key.

Practically we're dealing here with multiple sets of encryption keys - Mailing List and individual subscribers. Call them private or public - it doesn't matter.

The question - is there any Mailing List Manager which allows one to do such secure transactions?

Alex

On Wednesday 04 July 2007 17:40:56 John Andersen wrote:
On Wednesday 04 July 2007, Alex Daniloff wrote:
You're missing this point:
4. When the Mail Server receives a message encrypted with subscriber's private key, it decrypts it using existing subscriber's private key stored in SQL database. Then the Mail Server encrypts this message with the Mailing List public encryption key and distributes it to all other Mailing List subscribers.
I understood exactly what you said.
But giving one's private key to anyone else (the mail server) is insecure.
If asked to load my private key to any mail server I would be looking for a different list.
As for the outbound, if you encrypt with the mailing list PUBLIC key then everybody would need the mailing list PRIVATE key to decrypt it.
You are doing this (or at least explaining it) exactly backward of how public key encryption is supposed to work.
If you want list outbound traffic encrypted the server needs to store each user's PUBLIC key and encrypt each outbound message with the key specific to the user.
If list inbound traffic is to be encrypted, then subscribers should encrypt with the list server's PUBLIC key.
Any plan you cook up which requires sharing anyone's PRIVATE key is just wrong from the get go. If you can't understand that, don't come here asking for help and suggestions about how to compromise public key encryption standards.
-- _____________________________________ John Andersen
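The key layout John Andersen describes above (inbound mail encrypted to the list's public key, outbound mail encrypted separately to each subscriber's public key), as an added example that is not part of the original thread. Textbook RSA over fixed Mersenne primes stands in for OpenPGP here and is not secure; `ListServer`, `keypair`, `relay` and the subscriber names are hypothetical.

```python
# Toy model: textbook RSA over fixed Mersenne primes stands in for OpenPGP.
# It is NOT secure; it only shows which party holds which key.
E = 65537

def mersenne(k):
    return 2**k - 1  # prime for k in {61, 89, 107, 127}

def keypair(p, q):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def encrypt(pub, text):
    n, e = pub
    m = int.from_bytes(text.encode(), "big")
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)

def decrypt(priv, c):
    n, d = priv
    m = pow(c, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

class ListServer:
    """Holds its own key pair plus each subscriber's PUBLIC key, nothing else."""
    def __init__(self, p, q):
        self.pub, self._priv = keypair(p, q)
        self.subscribers = {}  # address -> public key

    def subscribe(self, addr, pub):
        self.subscribers[addr] = pub

    def relay(self, sender, ciphertext):
        # Inbound was encrypted to the list's public key; only the list can open it.
        text = decrypt(self._priv, ciphertext).decode()
        # Outbound: one copy per recipient, each under that recipient's public key.
        return {a: encrypt(k, text) for a, k in self.subscribers.items() if a != sender}

def demo():
    server = ListServer(mersenne(127), mersenne(89))
    privs = {}  # constructed subscribers; each private key stays on this side
    for addr, (a, b) in {"alice": (107, 61), "bob": (127, 61), "carol": (107, 89)}.items():
        pub, privs[addr] = keypair(mersenne(a), mersenne(b))
        server.subscribe(addr, pub)  # only the public half is uploaded
    copies = server.relay("alice", encrypt(server.pub, "meet at noon"))
    return server, privs, copies

if __name__ == "__main__":
    server, privs, copies = demo()
    for addr, c in copies.items():
        print(addr, decrypt(privs[addr], c).decode())
```

The server still sees plaintext while re-encrypting, so its own private key is the one secret that must be protected on the list host.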