[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #12842 [Tor Support]: Helpdesk needs a PGP key to be able to receive encrypted help queries
#12842: Helpdesk needs a PGP key to be able to receive encrypted help queries
-----------------------------+-------------------
Reporter: mrphs | Owner: lunar
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Support | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+-------------------
Comment (by lunar):
See #12816 for a discussion on how to do that using RT and why I think
it's a bad idea.
Other options I have experience with are:
* An OpenPGP key where the privacy key is shared by multiple people.
Painful, as once someone leaves the team, you need to revoke the entire
key, issue a new one, and redispatch the private key.
* Using [Schleuder](https://schleuder2.nadir.org/), a gpg encrypted
mailing list system with remailer capabilities. Each message is decrypted
on a central server (which holds the common private key) and then re-
encrypted for every recipient. By sending an encrypted and signed message
to the list, it's possible to add new keys to the list keyring and also
send replies to outside email addresses. This is how Tails does support.
Schleuder is ok to use once you've mastered it. But that's a process which
made some people really unhappy. Also the software is in bad shape right
now (probably it won't be in Debian Jessie).
In any cases, this mean that these OpenPGP-encrypted exchanges would
likely be out of RT.
All of this seems like a lot of pain for little gain. We have a process
that works pretty much alright right now. I don't see an easy way to
introduce OpenPGP in there that will not make us loose email, fail to
follow-up on users, and the like.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12842#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs