rich...@karmannghia.org writes:
> It's very straight-forward:
C'mon, man, Grandpa knows how to tie his shoes. The construction of
such an encrypted list not technically terribly complex---as you said
yourself, a SMOC. The problems are describing *who* is the adversary,
*what* will they do to invade your privacy, and *how* does the
proposed system thwart those threats. You are completely ignoring
those questions. And no, "unencrypted mail is a threat" to
"everybody" isn't a serious attempt to address them, given that almost
everyone is using MTAs that support TLS nowadays.
> Subscribers who want encrypted email include their public key in
> their subscription details,
What about the needs of *posters*, who are *at least* as important as
subscribers here, who want to keep *their* posts private? That's why
"encryption-optional" lists make no sense to me, except as a proof of
concept. And the prescription to greppers to leave their mail folders
unencrypted is not comforting to the authors, either.
I see vanishly small added security in an encryption-optional mailing
list of the kind Juergen described. As a proof-of-concept, it was a
brave experiment that maybe could have led to something. But it
didn't.
> HOWEVER, just becasue ONE email list of a group who realized it was
> there had that experience says NOT A THING about how many who
> didn't know would love to have a list where users HAD to use
> encryption to be on the list!
[...]
> It's myopic to see just one's own use case and think it applies
> across the board.
Round 'em up, man. I listen to the community. I'm listening to you.
> Over my long and storied 47 year career in computer science I've long
> noted that the vast majority of users:
>
> 1) Don't know what they really want;
> 2) Don't have a clue what's easy and what's hard, and;
> 3) Don't hang out on email lists like this one.
So? I think they *do* know a very large fraction of what they want at
the level of expressing *requirements* (WIBNI ...). Dealing with
what's easy and what's hard is our problem as developers, not theirs.
With that knowledge, we can help them refine and prioritize their
requirements, and sometimes discover new ones. Convincing them that
we understand their requirements and know easy vs. hard is also our
problem. And the lack of like-thinking users on mailing lists like
this one is a problem for advocates (like you?)
> > But there are substantial technical hurdles to extreme
> > requirements such as "end-to-end encryption" of list traffic.
>
> That is abjectly false, Juergen proved it, and not only was it NOT
> difficult 20 years ago, in the 20 years since then what's fairly
> easily possible has expanded considerably.
Your definition of "end-to-end" is not the one in common use. A
system where an intermediate node decrypts, then reencrypts and
forwards, is not "end-to-end encrypted" in any usage I've seen before,
It's really not useful to discuss technical issues if you won't at
least use the accepted definitions of such critical terms. You're
welcome to argue that given the threats you perceive, it's not an
important requirement for an encrypted mailing list. But given the
ease which which systems are penetrated these days, I disagree for
most purposes I can think of.
Steve
--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@jab.org
