[Enigmail] My Bad, Sorry About That

Faramir faramir.cl at gmail.com
Fri Aug 22 22:44:42 PDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Jean-David Beyer wrote:

> Another way is to push the overhead back to the original poster. In that
> case, the O.P. does not encrypt the message to the key of the list server
> (if it even has one). Instead, the O.P. must encrypt it to each and every
> recipient of the list, so the O.P. must possess all those keys. In this

  That is the way John W. Moore III's list works...

> case, the list server does no more than any other list server. But in that
> case, the O.P. would have to send to the recipients individually (perhaps by
> running a list server of his own). This does not seem to be a satisfactory
> way of doing things.

  No, you don't need to deliver the messages individually... when you
encrypt a message to a recipient's key, what gpg does is to encrypt
it symmetrically to a one-use key, and it encrypts asymmetrically to the
recipient's public key, and attaches the encrypted key to the message. But
usually, when you send a message, you want to be able to read it in your
sent messages folder... in order to be able to do that, enigmail also
encrypts it to YOUR public key, and attaches it to the message (so, at
that point, the message includes the symmetric one-session key encrypted
to the recipient's public key, and the same symmetric one-session key,
encrypted to your public key). And since it can be done to 2 different
public keys, it is trivial to keep adding more and more public keys...
you just need to have those keys available on your key ring, and to
group them... then you would just need to say "encrypt this message to
everybody in that group", and gpg would attach one copy of the symmetric
one-session key, each copy encrypted to one public key... at some point,
maybe the size of the original message would be smaller than the added
size of all those encrypted keys... but John W. Moore III has said the
impact of attaching all those keys is not noticeable... and in fact,
as he said, the word to describe that is "interestingly".

> So there must be at least one more model that does not have the problems of
> the two I describe.

  No, it is the second model, but using some advantages you are not
aware of... You just need to assign all these keys to a group, and
tell enigmail, using recipient's rules, to do that each time you send a
message to that list... and each time a new member joins the list, you
would need to add his key to that group...

  By the way, since I don't use recipient's rules, I am not really sure
how to set it up, but I bet it is not hard to do... I already know how to
encrypt files to a group of keys, using GPGshell, and it was very easy
to do...

Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

-----END PGP SIGNATURE-----
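
The scheme described in the message above (one symmetric session key, one encrypted copy of it per recipient, sender included), as an added example that is not part of the original post and is not GnuPG or Enigmail code. It uses textbook RSA on constructed toy keys and a hash-based XOR stream in place of the real OpenPGP algorithms, so it shows only the structure; all names are hypothetical.

```python
import hashlib
import secrets

def toy_keypair(p, q, e=65537):
    """Textbook RSA from two primes; toy parameters, not secure."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}

# Constructed key ring: Mersenne primes reused across keys purely for brevity.
M89, M107, M127 = 2**89 - 1, 2**107 - 1, 2**127 - 1
PUB, PRIV = {}, {}
for name, (p, q) in {"sender": (M127, M107), "alice": (M127, M89),
                     "bob": (M107, M89)}.items():
    PUB[name], PRIV[name] = toy_keypair(p, q)

def stream_xor(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def encrypt_to_group(plaintext, group):
    """Encrypt the body once; wrap the one session key for every group member."""
    session_key = secrets.token_bytes(16)
    k = int.from_bytes(session_key, "big")
    wrapped = {m: pow(k, PUB[m]["e"], PUB[m]["n"]) for m in group}
    return {"wrapped_keys": wrapped, "body": stream_xor(session_key, plaintext)}

def decrypt_as(member, message):
    """Unwrap this member's copy of the session key, then decrypt the body."""
    c = message["wrapped_keys"][member]  # KeyError if member is not in the group
    k = pow(c, PRIV[member]["d"], PRIV[member]["n"])
    return stream_xor(k.to_bytes(16, "big"), message["body"])

if __name__ == "__main__":
    text = b"Post to the encrypted list"
    msg = encrypt_to_group(text, ["sender", "alice", "bob"])
    for member in msg["wrapped_keys"]:
        print(member, decrypt_as(member, msg))
    print("body bytes:", len(msg["body"]), "wrapped keys:", len(msg["wrapped_keys"]))
```

The body is encrypted once and its size does not depend on the group; only the list of wrapped session keys grows with each added member.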

