[Mageia-discuss] (no subject)
Remco Rijnders
remco at webconquest.com
Thu Oct 13 17:47:06 CEST 2011
On Thu, Oct 13, 2011 at 01:35:34PM +0200, Johnny wrote in
<201110131335.37467.cooker at solbu.net>:
>On Thursday 13 October 2011 06:31, andre999 wrote:
>> how can a mailing list easily (and reliably) verify that the email
>> comes from a member, and that the adresse isn't spoofed ?
>
>It can't.
>Which is why I sign all of my email. Then users who care can verify that
>I sent it, and that it hasn't been tampered with along the way.
At FrOScon I attended a talk by the (sole) developer of the "Project
Lancelot" [1] mailing list software. One of the more interesting examples
he gave in his talk was the ability to filter or allow mails based on
their GPG-validation status. Of course, this probably wouldn't work for a
project like ours, but it would be nice if users could somehow signal to
the mailinglist software "mails from this subscriber are only valid if
they are signed by this key".
Remmy
[1] http://code.anselms.net/projects/lancelot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/mageia-discuss/attachments/20111013/a3ec8750/attachment.asc>
More information about the Mageia-discuss
mailing list