Does it *have* to be a conventional mailing list? How about a web-based
archive.
Your CA issues an SSL cert to the server. It can also issue certs to
mailing list members, and/or SSL client certs. To "post" users either
send signed mail to an alias (which verifies the signature and makes
sure it comes from an authorized user), or they use SSL and enter theier
message in a web form.
The server uses client certs or a login page, adn a cookie to keep track
of "last read date". It then shows the new messages.
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
