~sircmpwn/sr.ht-discuss

2 2

Should the mailing list respect the user's privacy settings?

Details
Message ID
<1831339.u6MfGjpqfb@heimdall>
DKIM signature
pass
Download raw message
In my Privacy settings for my account I have it set so that emails coming from 
sr.ht should be encrypted with my GPG key. With this setting sending the test 
email does correctly send a message that is signed with sr.ht's public key and 
encrypted with the public key that I have selected on my account. The 
questions is if emails generated from list.sr.ht should also respect these 
settings?
Details
Message ID
<4c6305545cedac4de0e311128df8b9262de50491.camel@ben.gmbh>
In-Reply-To
<1831339.u6MfGjpqfb@heimdall> (view parent)
DKIM signature
pass
Download raw message
Sorry if I miss the point, but I'm trying to understand why you would
want this...all of the emails sent by lists.sr.ht originate by being
created by other users. If the list is public it doesn't matter whether
you get the emails encrypted or not because they're publicly viewable,
and if you want to keep list messages private you should have senders
encrypt their own mail instead of the list doing it for them.
Details
Message ID
<1816661.u6MfGjpqfb@heimdall>
In-Reply-To
<4c6305545cedac4de0e311128df8b9262de50491.camel@ben.gmbh> (view parent)
DKIM signature
pass
Download raw message
On Monday, April 6, 2020 9:14:10 AM EDT you wrote:
> Sorry if I miss the point, but I'm trying to understand why you would
> want this...all of the emails sent by lists.sr.ht originate by being
> created by other users. If the list is public it doesn't matter whether
> you get the emails encrypted or not because they're publicly viewable,
> and if you want to keep list messages private you should have senders
> encrypt their own mail instead of the list doing it for them.

I was mostly just curious about if lists.sr.ht should respect this setting as 
far as the email front goes. I have seen other other lists do this where if 
set by the user they could received messages from the list signed with the 
lists public key and/or encrypted by the receivers public key. The list server 
would also publish the unmodified plan text email to a mail archive site where 
the message would be publicly viewable.

Of course this does not prevent any kind of data to be leaked unless all 
replies to the message was also encrypted. There is also the fact that all 
messages can be publicly viewed via the web. The fact that mailing lists are 
inherently very difficult to 100% secure unless everything is forced to be 
sent encrypted and no publicly viewable archive exists is acceptable.

I was mostly curious about SourceHut's opinion on this was.
Reply to thread Export thread (mbox)