For key management, I could see something like:
- A keypair is provided to the MLM for each mailing list
- During the subscribe request handshake, the user would
sign the subscription request.
- The MLM would verify that the signature matches the e-mail
address associated with the request, sign and encrypt a
confirmation request, and send it to the requested address.
- The user would send a signed and encypted confirmation.
- The MLM would subscribe the user and public key, and send
an encrypted confirmation.
Thereafter, the sender would send encrypted and/or signed messages,
depending upon list policy, and the list would be able to send encrypted
messages to each user. This would provide privacy of content and prevent
address spoofing, both for senders and recipients.
Noel
To unsubscribe, e-mail: server-dev-unsubscribe (AT) james (DOT) apache.org
For additional commands, e-mail: server-dev-help (AT) james (DOT) apache.org