Encrypted MLs

[Fred Lindberg]

On Mon, 27 Apr 1998 21:57:24 +0200, Werner Koch wrote:

>My plan is to write a fast keyserver which does this stuff.  The 
>encryption will always take up more time than the key lookup.
>You should put the email addresses in left angles into a file:

>============
># This file is the list of subscribers
>-r <joe at some.net>
>-r <alice at net.nil>
>===============

>and call gpg with "gpg --options ~/.gnupg/options -e --options ./above-file"
>If you would like to use the .qmail format I may add yet another special
>option to use this file direct.

This format is fine. Better to deal with the specific format within
ezmlm. Also, the subscriber addresses are stored in a hash of up to 53
files. An alternative would be to allow the addresses to be piped in to
fd 1, as with qmail-queue. Then it would make sense to use a format
like:
Tadd1 at host1\0
Tadd2 at host2\0
...
\0

>This file is stored in memory and should not be too large :-)
Theoretically, a subscriber db can be quite large. Would it be possible
to just read a stream, generating the encrypted session-key blocks one
at a time as the addresses are encountered in the input stream? A nice
side-effect would be that the "client" could assume that the blocks
would appear after the message in the order they were send. ezmlm could
lock the directory to assure that the subscriber db would remain
untouched while gpg does it's job. This way, ezmlm could process the
subscriber list and message without sorting.

Which brings out another point: Would it be possible to derive the
recipient userid/address from the pgp output without asking the key
server? I assume that deriving the key id is easy, but the
keyid->address could cause some problems.

Thanks!

-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)