CryptoList - Looking for beta testers
Oliver Verlinden
oliver at wps-verlinden.de
Mon Sep 23 08:03:54 CEST 2013
> Very cool to see that you've done this work and that you want to see
> something like this happen. It raises a lot of questions for me,
> though:
Ok, let me answer them. ;)
> how does your system know whose keys are whose?
The key is picked by one or more given email addresses. The recipient email
address drives the key selection.
> what if a key expires?
Expired keys are not better then non available keys. Encryption will fail and
the list admin is notified.
> how does it handle new subscribers?
... need to be added to the list manually. I don't want to add encryption keys
automatically. The list admin should check the level of trust, so this is used
to be a manual task. I asume that the list of subscribers is mainly fixed and
changes are a rare event.
> who gets access to the lists?
See above. In productive environments the list admin is hosting my software
and of course may decide who to give access to the list.
In this list I am searching for beta testers so everyone who is interested
will get access.
> are they archived?
No archive functionality at the moment.
> what about messages that can't be delivered
> right away?
At the moment delivery failures are not handled. So if the outbound mail
server does not accept the message, it will be skipped.
In the future some errors should have a retry count and be processed again
after some time.
> How do i as a user know what keys to encrypt to?
You only encrypt with the list's public key.
> how do i as an admin make sure my user's confidential data doesn't leak to
> outside parties?
As the list subscribers are added manually by you (as the admin), you should
only give trustful people access to the list.
The list itself does not leak any confidental information. Of course if you
have a untrusted member in the list he will receive the confidental shared
information (in a encrypted way, but he is able to unencrypt and read them)
> Dealing with store-and-forward message delivery in a dynamic network is
challenging in its own right
What do you mean with store-and-forward handling. Can you explain?
>
> Regards,
>
> --dkg
Best regards
Oliver Verlinden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20130923/73d56b2a/attachment.sig>
More information about the Gnupg-users
mailing list