[tor-talk] encrypted mailing lists
Griffin Boyce
griffinboyce at gmail.com
Wed Aug 21 13:31:14 UTC 2013
On 08/21/2013 03:44 AM, Matej Kovacic wrote:
> All mail sent to the list should then be encrypted (recipient is mailing
> list address and user has it's public GPG key). Mailing list would then
> decrypt it, and deliver that message to it's users encrypted and signed.
Well, it may offer some benefit if you (as a subscriber) don't trust
your email provider. But it's not that useful if you don't trust the
mailing list server. Even if you're sending your mail encrypted to the
server, the server then would need to decrypt it before encrypting it to
the recipients. It also doesn't protect against someone you don't trust
being added to the mailing list (thereby getting all emails) or someone
on the mailing list sending mails outside or betraying people (which
never happens).
tl;dr: Might be okay in some threat models, doesn't work in others.
;-) Good for people who are trying to emphasize the active use of GPG.
People who cross borders frequently are better served by full-disk
encryption.
best,
Griffin
--
"Cypherpunks write code not flame wars." --Jurre van Bergen
#Foucault / PGP: 0xAE792C97 / OTR: saint at jabber.ccc.de
My posts, while frequently amusing, are not representative of the thoughts of my employer.
More information about the tor-talk
mailing list