Re: [openpgp] mailing list: managing the subscriber list

"Neal H. Walfield" <neal@walfield.org> Wed, 13 January 2016 15:50 UTC

Date: Wed, 13 Jan 2016 16:50:26 +0100
Message-ID: <87oacp4gxp.wl-neal@walfield.org>
From: "Neal H. Walfield" <neal@walfield.org>
To: "Neal H. Walfield" <neal@walfield.org>, Rick van Rein <rick@openfortress.nl>, openpgp@ietf.org, Matthew Green <matthewdgreen@gmail.com>
In-Reply-To: <87twmje02x.fsf@vigenere.g10code.de>
References: <87ziwd3yrn.wl-neal@walfield.org> <56938B98.7000707@openfortress.nl> <87r3hn4tw2.wl-neal@walfield.org> <87twmje02x.fsf@vigenere.g10code.de>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/_DOItbzrDRFv0c84pfBWS-4DtAg>

Hi Werner,

At Tue, 12 Jan 2016 08:19:50 +0100,
Werner Koch wrote:
> On Mon, 11 Jan 2016 23:46, neal@walfield.org said:
> > There are two types of re-encryption that I think are inappropriate:
> >
> >   - when the mailing list software decrypts and reencrypts each
> >     message before forwarding it on to the list of subscribers, and,
> 
> As soon as you are in the need for a mailing list you have severe opsec
> problems which I consider not solvable: You not only need to fully trust
> all participants but also need to make sure that _all_ their boxes are
> properly secured against attacks.

As we discussed recently offline, I respectfully disagree and I find
this position difficult to resolve with your stated position of trying
to bring GnuPG and encryption in general to a wider audience.  This is
also why I'm working on this project in my free time and not on the
clock.

Even if people aren't sufficiently careful, ready-to-use encrypted
mailing lists can hinder mass surveillance (similar to the way
OpenPGP can, I think).  Further, for those who do have the opsec
background and need this protection, a solution that is easier to use
than GnuPG groups + manually updating the subscriber list is probably
safer.

> Adding another box to reencrypt the messages does not change the picture
> much more than adding another subscriber.

I disagree with this as well.  Someone who hosts many mailing lists
(e.g., Google or sf) could abuse their position in a much more
substantive way than a single user.


Thanks,

:) Neal