Re: PGP-secure mailing list?

D.den Otter (
Mon, 22 Nov 1999 15:38:38 +0100

> From: Eliezer S. Yudkowsky <>

> Does anyone know of a mailing-list program that can operate securely in
> a not-too-inconvenient way? An example might be a mailing list program
> that can decrypt PGP messages sent to it, re-encrypt the message with
> the public PGP keys of the recipient list, and send each recipient a
> message encrypted with vis key.

Something like this?
Petidomo supports fully encrypted mailing lists, using the well-known encryption programm Pretty Good Privacy (PGP). From:

8.2 PGP-encrypted mailing lists at

"Another very useful feature of the posting filter and the access control languange is the ability to maintain  encrypted mailing lists. The idea is very simple: You create a PGP key pair for your mailing list and spread the public key among the subscribers of your mailing list. In turn you collect their public keys and store them on the mailing list server.

Whenever a subscriber wants to post an article to the mailing list, he will encrypt it with the public key of the list server before transferring it through the Internet. Petidomo will then receive the mail, decrypt and process it and encrypt it again, with the public keys of the subscribers. Once encrypted again, the mail is distributed to the readers.

Please note that at no time the mail was sent through the Internet in clear text. Hence this mode is well-suited for maintaining internal discussion lists for, say, software development among a few people who know each other but live spread throughout the world. Included in the distribution are two scripts, and, which realize this. The setup needs a bit of work, but once you understand the principle, it is rather easy. Just follow the steps described below".


Another related link

"The first thing for you to do is to generate another pair of keys - these will be the master keys. Next, send copies of both of keys to everyone on the list, using your newfound encryption technology. Sending keys in the mail may sound like a dangerous idea, but because your friends all have their own sets of keys, you can use their personal public keys to encrypt the master keys for the list and send the master keys securely to each of the members.

Now everyone has an identical pair of master keys, and they've never even met face to face. These keys are in addition to their own personal keys, which they can use for personal encrypted mail. Emails sent to the mailing list are encrypted by the public master key and broadcast to the list members, who use the private master key to decode them. This is a perfect information security system, as long as no one's computer gets bagged."