Diffstat (limited to 'docs/security.rst')
| -rw-r--r-- | docs/security.rst | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/security.rst b/docs/security.rst new file mode 100644 index 0000000..940136a --- /dev/null +++ b/docs/security.rst @@ -0,0 +1,19 @@ +======================= +Security considerations +======================= + +Mailman-pgp needs to process the messages when they arrive to the mailing list, +to do so it has to decrypt them. Then they pass through Mailman chains and +pipelines to be (optionally) encrypted again and sent out. + +Keys are currently stored not encrypted. + +Mailman-pgp only provides some confirmation that the subscriber has access to +the signing capability of the key provided on subscription, by requesting the +user to sign a statement saying so. It is up to the list moderator/admin to +verify and confirm the subscribers identity. + +Any successful subscriber that has his key set, will receive messages encrypted +to his key(if the mailing list is set to encrypt) and thus even one compromised +or malicious subscriber will compromise all messages of a mailing list. + |
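Review bot: The second paragraph, "Keys are currently stored not encrypted.", does not say which keys it means (the list's private keys, the subscribers' public keys, or both), and it does not say what follows from this for an operator. Suggest naming the keys and stating the consequence directly, for example that anyone with read access to the key storage can decrypt list traffic, if that is the case. The first paragraph has the same gap: it says messages are decrypted and then pass through Mailman chains and pipelines, but never states that plaintext therefore exists on the server and that the server must be trusted. One sentence saying so would make the trust model explicit. In the last paragraph, "compromise all messages of a mailing list" should say whether this covers only messages sent while the subscriber is subscribed. Wording nits: "subscribers identity" needs an apostrophe, "his key(if" needs a space before the parenthesis, "Any successful subscriber that has his key set, will" has a stray comma and could use "their", and the first sentence is a comma splice ("...mailing list, to do so it has to decrypt them").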
