Re: On the security of e-mails
Sergio,
It would be useless to try and use SSL for debian-security, because it is
a publicly accessible list, which sort of defeats the purpose of SSL...
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
G e-- h++ r--- y
------END GEEK CODE BLOCK------
On Fri, 26 May 2000, Sergio Brandano wrote:
>
> Alexander Hvostov wrote
>
> > ...Unless you encrypt to a public key belonging to everyone on the
> > mailing list, which certainly can be done, though this means
> > distributing the appropriate public/private key pair, so the keys
> > themselves would also have to be encrypted, probably to each
> > individual user.
> >
> > Of course, you could also implement something like a bulletin board
> > on HTTP over SSL instead... or maybe SMTP over SSL to each individual
> > list subscriber. (insecure; most subscribers don't run their own mail
> > server)
>
> I have a comment on this, related to the never ending battle against
> SPAM. Why is that mailing lists, that are open only to subscribers,
> make public the content of thir messages (including addresses) on the
> web? Yes, archiving. But that opens the way to address collection.
>
> I like your proposal of using SSL for this list. And I think we
> should give it a try.
>
> Sergio
>
Reply to: