I haven't been able to make a HacktonLab gathering yet, but my house mate Beth went to the rural camp in Wales and told me all about it and I'm very keen to get involved. I'm particularly interested in 

I am a member of the Anarchist Federation and we're currently in the R&D stages of working towards using GPG encryption firstly for sensitive communication between individuals, and eventually for fully secure email list encryption for general use.

I have yet to find an example of encrypted email lists (private lists, not public obviously) in anything outside of conversations that usually culminate in "wouldn't that be a good idea", and so have resolved to (eventually) trying to develop a solution (I'm a Computer Science student so it's entirely possible, although delivery to a schedule is very very improbable).

I'm basically contacting to bounce the idea around, see if anyone can poke holes in the plans before it gets started.

Through speaking with other techy sorts in the AF I've basically distilled the idea down to this:

- Mail server has its own GPG key set, the public key is known throughout the Fed, available to everyone so they can send mail to the server securely.
- The private key would probably need to be passwordless, for automation. This is likely to be the largest technical hole in the system, but not the easiest to exploit.
- The server receives incoming messages, and decrypts them to plaintext with its private key.
- The message is then re-encrypted with the public keys of all members of the list, and then sent out via normal mailman operations to all emails on the list.
- All members receive a copy encrypted with their public key which they can decrypt and read (whether it would be easier to encrypt once to n recipients, or encrypt n times and mail each one individually I don't know, I suspect the former).

Obviously, as with everything, the weakest point is the users. It's always possible that the organisation may be infiltrated, and thus the list is compromised from inside anyway.
But at least messages aren't thrown around in plain text eh?

The server having an unsecured private key is the most troubling point for me. I've considered implementing randomised password generation, changing it on a schedule, to combat brute-forcing, but sadly that's just likely to lead to passwords having to be stored in plain-text somewhere else in order to be used.

A more rational strategy would be to just ensure that the private key is securely stored and the server is robust.

Woo, long post.
TLDR: I want to make encrypted mailing lists.
- Howard
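
An added example, not part of Howard's post: a bash walk-through of the relay described above using GnuPG 2.1 or later, showing that OpenPGP already covers the "encrypt once to n recipients" case by encrypting the body once and wrapping the session key separately for each recipient. The `lists.example` addresses, the message text and the helper names `g` and `relay_demo` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added illustration (not from the post). Addresses and message text are constructed.
# relay_demo prints how many per-recipient session-key packets the relayed mail carries.
relay_demo() (
  set -eu
  work=$(mktemp -d)
  cleanup() {
    for w in list alice bob; do
      gpgconf --homedir "$work/$w" --kill all 2>/dev/null || true
    done
    rm -rf "$work"
  }
  trap cleanup EXIT
  # g <keyring> <gpg args...>: run gpg non-interactively against one party's keyring.
  g() { h=$1; shift; gpg --homedir "$work/$h" --batch --quiet --no-tty "$@"; }

  # Separate keyrings for the list server and two subscribers; the server key has
  # no passphrase, as the post proposes, so it can decrypt unattended.
  for who in list alice bob; do
    mkdir -m 700 "$work/$who"
    g "$who" --pinentry-mode loopback --passphrase '' \
      --quick-generate-key "$who@lists.example" default default never
  done
  # Subscribers learn the server's public key; the server learns theirs.
  for who in alice bob; do
    g list --export list@lists.example | g "$who" --import
    g "$who" --export "$who@lists.example" | g list --import
  done

  # Alice posts: encrypted to the server key only.
  msg="meeting moved to Thursday"
  printf '%s\n' "$msg" |
    g alice --trust-model always --armor --encrypt -r list@lists.example >"$work/in.asc"

  # Server: decrypt, then encrypt ONCE naming every subscriber as a recipient.
  g list --decrypt "$work/in.asc" 2>/dev/null |
    g list --trust-model always --armor --encrypt \
      -r alice@lists.example -r bob@lists.example >"$work/out.asc"

  # Each subscriber can read the same ciphertext with their own private key.
  for who in alice bob; do
    [ "$(g "$who" --decrypt "$work/out.asc" 2>/dev/null)" = "$msg" ]
  done
  # One encrypted body, one wrapped session key per recipient.
  g list --list-packets "$work/out.asc" 2>/dev/null | grep -c '^:pubkey enc packet'
)
if [ "${1:-}" = "demo" ]; then relay_demo; fi
```

Run it with the argument `demo` to print the packet count. Every copy names the key IDs of all recipients, so subscribers can see who else is on the list unless the server adds `--throw-keyids`.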

