The mailing list for listmasters using Sympa

[David Verdin <address@concealed>]

Hi Dick,

Le 16/10/13 15:18, Dick Visser a écrit :

Hi guys

I'm investigating the options of encrypted mail to a list, which Sympa
seems to support.
Upon reading the docs I find them somewhat vague. From
http://www.sympa.org/manual/x509#distributing_encrypted_messages, this
paragraph is especially misleading:

"The S/Sympa encryption feature in the distribution process assumes
that Sympa has received an encrypted message for some list. To be able
to encrypt a message for a list, the sender must have some access to
an X509 certificate for the list. So the first requirement is to
install a certificate and a private key for the list."

This could be interpreted as if all the senders should have the list
private key and cert, which (I hope!) is not the case.

No: That means that you need to install the public and private key in the Sympa config.
However, something between our original sentence and your re-phrasing should result in an improvment. I'll have a look.

Buy the way, if you find an easy way for listmasters (despite setting up their own PKI) to have mailing lsts certificate, I'm more than interested.

Cheers,

David

 I'd like to
propose a change in wording:

"For the S/Sympa encryption feature to work, a list is configured with
a public/private key pair. To be able to encrypt a message for a list,
a sender must have access to the public X509 certificate for the list.
Sympa receives the encrypted message, and because it (on nobody else)
has access to the list's private key, it can decrypt it. The decrypted
message is then re-encrypted for each individual subscriber, using
their respective public keys."


Thanks!!!

--
A bug in Sympa? Quick! To the bug tracker!

David Verdin Études et projets applicatifs
Tél : +33 2 23 23 69 71 Fax : +33 2 23 23 71 21   www.renater.fr	RENATER 263 Avenue du Gal Leclerc 35042 Rennes Cedex

Attachment: smime.p7s
Description: Signature cryptographique S/MIME