Hi, I would like to share some of my thoughts about encrypting mesages on mailing lists. I think that it would be really great if Mailman (and other mailing list applications) would support encryption. When user will register to mailing list he or she should send his/her public GPG key to the Mailman server. He/she would then receive public GPG key of mailing list. All mail sent to the list should then be encrypted (recipient is mailing list address and user has it's public GPG key). Mailing list would then decrypt it, and deliver that message to it's users encrypted and signed. That approach would resolve several problems: - user would know that messages are really coming from mailing list (no impersonation here); - no spam anymore (or at least much less spam) - registered users would need to send encrypted e-mails to mailing list, all other messages will be dropped; - messages are sent to user in encrypted form (regardless mail archive is public or not) - prevents eavesdropping on public places for instance; - messages stored in user's mailbox are encrypted (this could be important in some countries (don't forget bordercrossing!). Even if mailing list archive is public, this prevents automatic forensic tools to get useful information from the seized disks; - if mailing list is not public messages in an archive are really safe (remember quintessenz and NSA mailing list archive story? :-> ); - if mailing list is public messages in archive are still signed and their itegrity could be checked; - this would promote encryption in several ways: users would be "forced" to use encryption and users would get familiar with encryption; - and this is also important: more e-mail traffic would be encrypted by default - that makes all us who use encryption more safe. Remember: NSA thinks that everybody using encryption should automatically become a target od broader surveillance - let's overload them). I believe we should ask Mailman developers to include that functionality in the future releases. What do you think? Regards, Matej