An open source software for creating and developing secure email list services among user communities
Version: 1.0Secure Email List Services (SELS) provides signature and encryption capabilities while ensuring that the List Server does not have access to email plain text.
Operating System: Mac OS X
SELS has been developed with available open-source components and is compatible with many commonly used email clients.
SELS is based on the Open PGP (Pretty Good Privacy) standard. When users subscribe to a SELS-capable email list, they are each assigned a pair of digital keys. One key is used to open and read messages.
The other, a proxy key stored in the list server's key management system (or keyring), is used to be able to re-encrypt every signed and encrypted email that member sends to the list. That way, even if the list server or intermediary network is compromised, the email content is not visible to the attacker.
List participants don’t have to install custom email clients to use SELS. Commonly available plugins from GNU Privacy Guard (GnuPG, an open source implementation of PGP) provide compatibility with several commonly used email clients, including Mozilla Thunderbird, MacMail, Microsoft Outlook 2003, Mutt, and Emacs.
Who should use SELS?
Any group, community, or organization that needs to provide a secure email discussion list for its members should consider adopting SELS. Currently, SELS is being tested and used by cybersecurity professionals at NCSA and other NSF-supported large-scale computing facilities who detect, respond to, and prevent intrusions into thousands of systems used for research and development, including many of the world’s fastest supercomputers.
There are many groups who could benefit by using SELS:
· System administrators and security professionals engaged in site security and incident response.
· Academic researchers collaborating on a confidential project or proposal.
· Companies wishing to safeguard online discussions involving proprietary information.
· Financial institutions collecting or disseminating sensitive information or conducting private transactions.
· Healthcare organizations needing to communicate quickly and securely with medical personnel during an emergency.
· Educators interested in providing their students with a hands-on demonstration of encrypted communication and practical uses of cryptography.