userdoc:remail
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
userdoc:remail [2019-12-09 18:19] mricon created |
userdoc:remail [2020-05-08 14:56] (current) mricon |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ~~REDIRECT>https://korg.docs.kernel.org/remail.html~~ | ||
| + | |||
| ====== Encrypted email using ReMail ====== | ====== Encrypted email using ReMail ====== | ||
| - | Remail was written to sidestep the hard-to-solve problem of sending encrypted mail to multiple people, some of whom may prefer to use GnuPG, some PGP from Symantec, while others use S/MIME from coroprate-issued CAs that are not in universal CA trust stores. | + | Remail was written to sidestep the hard-to-solve problem of sending encrypted mail to multiple people, some of whom may prefer to use GnuPG, some PGP from Symantec, while others use S/MIME from corporate-issued CAs that are not in universal CA trust stores. |
| + | |||
| + | Remail accepts both S/MIME and PGP-encrypted email sent to a single address, decrypts it on the back-end, and then re-encrypts it to individual list subscribers using whichever is their preferred scheme for exchanging encrypted email. | ||
| + | |||
| + | For more information on this project, please see the [[https://git.kernel.org/pub/scm/linux/kernel/git/tglx/remail.git/|official Remail git repository]]. | ||
| + | |||
| + | ===== Remail at kernel.org ===== | ||
| + | |||
| + | Kernel.org uses remail for discussions that need to happen around coordinated response to embargoed security vulnerabilities. The service itself runs on a dedicated VM inside a private cloud cluster that has no direct access from the Internet -- it can only be accessed via the VPN used by IT operations personnel. Any administrative access to that internal remail system requires 2-factor authentication. Any off-site backups performed on that system are PGP-encrypted with a unique symmetric key before they are uploaded to external storage. | ||
| + | |||
| + | ==== Logging ==== | ||
| + | |||
| + | For transparency purposes, conversations exchanged between parties using encrypted email are logged on the internal remail system in order to provide a sanitized public discussion archive once embargoes are lifted. | ||
| + | |||
| + | ==== Requesting a remail list ==== | ||
| + | |||
| + | If you would like to request your own remail list, please contact [[helpdesk@kernel.org]]. | ||
| - | Remail accepts both S/MIME and PGP-encrypted email sent to a single address, decrypts it on the back-end, and then recrypts to individual list subscribers using whichever is their preferred scheme for email encryption. | ||
userdoc/remail.1575915572.txt.gz · Last modified: 2019-12-09 18:19 by mricon
Page Tools
