[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sending debian-private postings to gmail

On Thu, May 25, 2006 at 02:13:38AM +0200, Henning Makholm wrote:
> Scripsit "Kevin B. McCarty" <kmccarty@Princeton.EDU>
> > Taken to extremes, this implies that (1) DD's should only receive mail
> > sent to boxes under their own control and (2) all mail passing through
> > debian-private should, for each subscriber to the list, be encrypted
> > individually to the public key on file for her/him.
> > Come to think of it, (2) isn't a bad idea.  Is it feasible for this to
> > be done transparently?
> It may or may not be feasible to do it transparently on the list
> software side, but it certainly isn't feasible to do it on the reader
> side. I for one certainly am not going to make a daily effort to move
> mail from the internet-connected box to the one that knows my secret
> key, and type in my 100+ character passphrase several times in order
> just to get to know that ${INSERT_RANDOM_DD} will be on vacation.
> Better to drop -private completely then, and what does that gain
> anybody?

If we are to be paranoid, another possibility is that a POP server
is made available in a Debian controlled box just for debian-private
use by DD, so debian-private mail is sent there, and nowhere else, and
retrieved from there by DD. Some security adjustments might be needed.


Reply to: