Sorry Damian, but I don't see why the mail server needs to have the 
_private_ keys of the individuals...

If I have the story correct...

1) You generate a key pair on the mail server and distribute the public 
key to your users.  The public keys of your users are made accessible to 
the list-server in some sort of key repository which is reasonably safe.

2) User A writes email and they sign the email using their private key 
and they use the public key of the list-server to encrypt it and this 
mail is sent to the list-server.

3) The mail server decrypts the mail using the private key of the 
list-server and then checks the signature using the user's public key.

4) This mail is then marked as being validly signed by the originator 
and sent to all on the list individually encrypted using each user's 
public key.

The only private key on the list-server is the private key of the list.

Have I missed something?

Sean O'Riordain


Damian Hesse wrote:
> Jörn,
> 
> 
>>>The task: now we want to set up mailinglists (server side)
>>>like "[EMAIL PROTECTED]" where some users of our company and
>>>some from a customer should be able to write signed and
>>>encrypted emails and everybody on the list should be able to
>>>read it.
>>>
>>>The question is how should this be done? The only solution I can
>>>imagine is to generate a certificate for the list and send the p12-file
>>>to everybody on the list. But does it really work with all mail
>>>programs, because for example: user A send an encrypted mail to
>>>[EMAIL PROTECTED] which is expanded to user B, but it's not originally
>>>encrypted for B...
>>>
>>>
>>Message senders encrypt the message with the public key of the
>>mailinglist. The mailinglist server decrypts the message using the
>>private key for the mailinglist and encrypts it again individually
>>for every recipient. The problematic part is the signature, I guess.
>>Would it be possible to keep the original signature?
>>Or does the server have to check the sender's signature and sign
>>it again with its private key if the original signature is correct?
>>
>>The email programs would handle the encryption part nicely,
>>but I fear that you cannot keep the original signature..
>>
>>Jörn Sierwald
>>
> 
> No, the signature is not the (main) problem. The problem is the 
> private keys of the users of the list. I don't think that's a good idea 
> to have private keys of users on a central mail server. They should 
> remain on the client computers with password requests for every 
> access to make sure that nobody except the user itself has 
> access to the usage of their own certificates. Keep in mind that 
> in your model even the customer needs to give us their private keys 
> which is hardly possible, isn't it?
> 
> Damian
> 
> 


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
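
Steps 1-4 above, run end to end with the `openssl smime` command, as an added example that is not part of the original thread. The identities (`list`, `userA`, `userB`), their self-signed certificates and all file names are constructed; forwarding A's signed body unchanged is an assumption about how step 4 is carried out.

```shell
#!/bin/sh
# Added example. Identities, subjects and file names are constructed.

mkid() {  # self-signed cert + unencrypted key for a constructed identity
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

setup() {  # step 1: scratch directory with list, userA and userB identities
  WORK=$(mktemp -d) && cd "$WORK" || return 1
  for id in list userA userB; do mkid "$id" || return 1; done
  printf 'quarterly figures attached\n' > msg.txt
}

# Step 2 (client): sign with A's private key, then encrypt to the list's cert.
client_send() {
  openssl smime -sign -text -in msg.txt -signer userA.crt -inkey userA.key \
    -out signed.eml 2>/dev/null &&
  openssl smime -encrypt -aes256 -in signed.eml -out to_list.eml list.crt
}

# Steps 3-4 (server): decrypt with the list key, verify against the sender's
# cert from the key repository ($1), then re-encrypt the still-signed body for
# each member. Nothing is relayed when the signature does not verify.
server_relay() {
  openssl smime -decrypt -in to_list.eml -recip list.crt -inkey list.key \
    -out relayed.eml || return 1
  openssl smime -verify -text -in relayed.eml -CAfile "$1" \
    -out /dev/null 2>/dev/null || return 1
  for member in userA userB; do
    openssl smime -encrypt -aes256 -in relayed.eml \
      -out "to_$member.eml" "$member.crt" || return 1
  done
}

# Recipient B: decrypt with B's own key, then check A's original signature.
member_read() {
  openssl smime -decrypt -in to_userB.eml -recip userB.crt -inkey userB.key \
    -out inbox.eml &&
  openssl smime -verify -text -in inbox.eml -CAfile userA.crt \
    -out plain.txt 2>/dev/null &&
  tr -d '\r' < plain.txt | grep -qx 'quarterly figures attached'
}

setup && client_send && server_relay userA.crt && member_read && echo "relay ok"
```

The only private key `server_relay` reads is `list.key`; `userA.key` and `userB.key` are used only in the client-side functions.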
