author J08nY 2017-08-22 21:23:17 +0200
committer J08nY 2017-08-22 21:23:17 +0200
commit a123c123fc36bc98334630c8a5b9c3fce017311b
tree 5bddecdffe016eb090adc87ddec2b5009dd3c82d /docs/security.rst
parent cccc3f9e3e8721aaa77991d2afec96896b2e2fa5
Diffstat (limited to 'docs/security.rst')
-rw-r--r-- docs/security.rst 19
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/security.rst b/docs/security.rst
new file mode 100644
index 0000000..940136a
--- /dev/null
+++ b/docs/security.rst
@@ -0,0 +1,19 @@
+=======================
+Security considerations
+=======================
+
+Mailman-pgp needs to process the messages when they arrive to the mailing list,
+to do so it has to decrypt them. Then they pass through Mailman chains and
+pipelines to be (optionally) encrypted again and sent out.
+
+Keys are currently stored not encrypted.
+
+Mailman-pgp only provides some confirmation that the subscriber has access to
+the signing capability of the key provided on subscription, by requesting the
+user to sign a statement saying so. It is up to the list moderator/admin to
+verify and confirm the subscribers identity.
+
+Any successful subscriber that has his key set, will receive messages encrypted
+to his key(if the mailing list is set to encrypt) and thus even one compromised
+or malicious subscriber will compromise all messages of a mailing list.
+
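Review bot: the line "Keys are currently stored not encrypted." does not say which keys it covers or what follows from that. The first paragraph says the list has to decrypt incoming messages, so the list's own private key is presumably among them. Please name the keys explicitly (list private keys, subscriber public keys, or both), state the consequence for a reader deciding whether to deploy this (anyone who can read the key storage can decrypt list traffic), and say what an admin is expected to do in the meantime, such as restricting access to the storage location. Minor wording in the last two paragraphs: "subscribers identity" needs an apostrophe, "key(if" needs a space before the parenthesis, and "his key" could read "their key".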