CryptoList - Looking for beta testers

Oliver Verlinden oliver at wps-verlinden.de
Sun Sep 22 21:34:07 CEST 2013


On Sunday, 22. September 2013, 20:33:45 kwadronaut wrote:

Hi kwadronaut,

> On 22/09/13 19:10, Oliver Verlinden wrote:
> > some days ago I had the idea of a pgp compatible mailing list.
> > I know there is a mailman extension which supports pgp encrypted messages
> > out there, but I wanted ta have a small, fast and easy to configure
> > solution.

No, I did not know Schleuder yet. Thank you for the link, I will take a look 
at this.

> 
> Åre you also aware of Schleuder? [1] I don't want to surpress your
> enthusiasm, but if possible, maybe, you can ameliorate that other thing
> even more?
> 
> With Schleuder:
> > - A list member writes an pgp signed and encrypted message to the list
> > server
> 
> Or an outsider, depends on the configuration. There are some good use
> cases, for example if a list address is used as a contact address.
> 
> > - Encryption is enforced: Non encrypted messages are rejected
> 
> Depends on configuration, see above.
> 
> > - The senders pgp signature is checked, to ensure the message integrity
> 
> I guess that's a default minimal basic thing everyone expects to be done
> 
> > - The message is multiplied and resigned/reencrypted by the list server
> 
> Same as Schleuder
> 
> > - The signed and encrypted messages are delivered to the list members
> 
> If this part was missing I wouldn't call it mailing list software ;-)

That's right. This functionality is the basic functionality of a mailing list 
software (combined with secure cryptography).
Depending on the peoples feedback I will imlement additional (useful) 
features.
I will see.....

> 
> > Well it's weekend, so I started to code. ;)
> 
> Sound like you created a mitm! ;-)
> 
> > Meanwhile the key functionalities are implemented and the project is
> > ready for some beta tests. It's very annoying to write emails to myself
> > all the time to check functionality. So if you want to try this, just
> > give me a short notification with your public key id. I will add your
> > public key into the lists keyring and add you to the recipients list.
> 
> So, I'm sorry that I'm not here to beta-test, but would rather see
> Schleuder getting better as someone reinventing the wheel. Maybe your
> wheel is more round or has better brakes, I don't know. [2] It has
> happened to me before that I enthusiastically spend a lot of time on
> something that someone else already did. And sometimes that other
> project served as a good example or inspiration.
> 

As I mentioned above. I will take a deeper look at Schleuder.
By the way. Is it open source too?

> > After some testings, the whole project will be available on SourceForge.
> 
> I might be asking (too) much, but I'd suggest to reconsider SourceForge,
> they now try to push some drive-by installer in everyones mouth. I guess
> a discussion on that subject is too much off-topic for this list, so
> I'll stick with a link to a simple rant. [3]

Oh really? I did not heard about that. The projects I downloaded from 
SourceForge were "clean".
> 
> All in all, I hope I found the right tone in my mail, don't get it
> wrong, I applaud your energy and enthusiasm! And if someone figures a
> way to do group public key encryption, I'd be interested in hearing how
> that would work.

No, your tone is absolutely fine. I just spend some great programming hours on 
this project and got some experiences with encrypt things programmatically.
You're right, if I have a great idea and too much free time, I just try to 
implement this and follow this target very enthisiastic.
That's me. ;)

> 
> ciao,
> kwadronaut

Best regards
Oliver Verlinden

> 
> [1] http://schleuder2.nadir.org/
> [2] I wonder, were the first wheels in humankind equipped with brakes?
> [3]
> http://www.gluster.org/2013/08/how-far-the-once-mighty-sourceforge-has-fall
> en/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20130922/2e0dc8aa/attachment.sig>


More information about the Gnupg-users mailing list