[Enigmail] My Bad, Sorry About That
Jean-David Beyer
jeandavid8 at verizon.net
Fri Aug 22 05:36:28 PDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John W. Moore III wrote:
> Jean-David Beyer wrote:
>
>> I guess I do not understand this. (You are, of course, correct that the list
>> server need get my public key only once and keep it on hand locally, not do
>> this with every mailing.)
>
> You are placing far too much work on the List/Group Server. All it must
> do is receive & disseminate the Posts to the List. All
> Encryption/Decryption occurs on the Member's computer. Keyring
> Maintenance is the responsibility of each individual member.
>
(I just put in a new version of Thunderbird and Enigmail.)
I guess my mental model of how this works is faulty.
One model goes like this: If I wish to send an encrypted message to a
mailing list that allows this, I must encrypt it before sending it to the
list. And the key I use to encrypt it must be the public key of the list
server, right? If so, the list server must decrypt it, since no one else has
the private key of the list server (I hope). That is the easy part. Then the
list server must encrypt it to each recipient.
Another way is to push the overhead back to the original poster. In that
case, the O.P. does not encrypt the message to the key of the list server
(if it even has one). Instead, the O.P. must encrypt it to each and every
recipient of the list, so the O.P. must possess all those keys. In this
case, the list server does no more than any other list server. But in that
case, the O.P. would have to send to the recipients individually (perhaps by
running a list server of his own). This does not seem to be a satisfactory
way of doing things.
So there must be at least one more model that does not have the problems of
the two I describe.
- --
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key: 9A2FC99A Registered Machine 241939.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 08:25:01 up 15 days, 14:31, 5 users, load average: 4.34, 4.23, 4.24
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org
iD8DBQFIrrLMPtu2XpovyZoRApGvAKCydlEi/o6vrMG/jZoNNaVjATWE+ACgzJ7c
Wn36XW8AnfA849iaWmvgHxU=
=kBCl
-----END PGP SIGNATURE-----
More information about the Enigmail
mailing list