Re: On email and web security

"John Levine" <> Wed, 13 January 2016 23:30 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 2C4C11A8869 for <>; Wed, 13 Jan 2016 15:30:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.863
X-Spam-Status: No, score=0.863 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, KHOP_DYNAMIC=0.001, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id yMpMCK8P6yWd for <>; Wed, 13 Jan 2016 15:30:26 -0800 (PST)
Received: from ( [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id DAC191A8868 for <>; Wed, 13 Jan 2016 15:30:25 -0800 (PST)
Received: (qmail 61231 invoked from network); 13 Jan 2016 23:30:24 -0000
Received: from unknown ( by with QMQP; 13 Jan 2016 23:30:24 -0000
Date: Wed, 13 Jan 2016 23:30:02 -0000
Message-ID: <20160113233002.66489.qmail@ary.lan>
From: John Levine <>
Subject: Re: On email and web security
In-Reply-To: <>
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 13 Jan 2016 23:30:28 -0000

>I don't see any way that this could work using PGP, but I confess I 
>don't know enough about S/MIME to know if it could be done using it or not.

The one list manager that I know of that actually does S/MIME, Sympa,
sends a separate copy of the message to each recipient encrypted to
his key.  I think it's more likely because it's easier to code than
due to security concerns since the list management software usually
lets each subscriber look at the subscription list and archives.

With respect to Doug Royer's question, I believe one normally
configures an encrypted list to accept only encrypted submissions.  At
some level you have to trust the list software not to lie too badly
about what it's doing.