Have a way to re-encrypt mail addressed to security@gnupg.org to allow multiple recipients that are unknown to the sender. Maybe use Schleuder or Neal's solution.
Description
Status | Assigned | Task
---|---|---
Resolved | werner | T3258 clean up note on bug reporting form
Open | None | T3074 key management for security@gnupg.org
Event Timeline
There is a prototype implementation in the branch neal/encrypted-mailing-lists . A paper describing the design is at: ftp://ftp.gnupg.org/people/neal/openpgp-mailing-lists.pdf . The design was reviewed by Matt Green and DKG. DKG suggested using a slightly different OpenPGP construct (specifically, using user attribute packets instead of my encrypted subkey hack).
Another option is to distribute the secret subkey to all hackers who need to be able to read that. We won't need any backward security due to our transparency goal. At the time we add a new hacker to the list we can simply create a new subkey. With the extended private key format we would also have a method to add information to the secret key, so that we can track who got one.