On 20-Sep-08, at 02:39 , Matt wrote:
It does sound interesting, but how can I trust the signature of a
key I
know wasn't generated by the appropriate user? How can anyone trust
the
key the listserv generated for me? How can I be certain that at no
point
in the future the serve isn't going to forge a signature, since it has
my private (use on list X only) key and passphrase?
I don't see the system having any of my private keys.
It seems to work by having the email system keep track of the public
keys of list subscribers, while also having its own key pair for the
list.
When I send a message to the list, I encrypt it with the list's public
key and sign it with my private signing key.
The list handler then checks (using my public key) that a list member
(me) sent it, decrypts it with its private key, and resends the
message to each list member, encrypting with each member's public keys
and signs it with list private signing key.
It is not really any different than sending messages to a group of
people which are on your public keyring, except that the membership of
the group is known only to this list manager and each member of list
does not have to keep a public key for each member, just list itself.
Itdoes have the problem that one needs to trust that the list
management software is not compromised, as it has access to the plain
text messages and is essentially acting as a man-in-the-middle agent
to accomplish all this.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
