In a lecture at the conference Kernel Recipes, the developer Thomas Gleixner presented the project Remail, with which an encrypted mailing list can be set up and operated. The project was created in response to the problems that the Linux kernel community had with the release of patches for the Meltdown and Specter hardware vulnerabilities.
Among other things, Gleixner is responsible for the x86 architecture code in the Linux kernel, making him one of the main persons responsible for integrating the patches in the Linux kernel. But the embargo enforced by Intel for the vulnerabilities has significantly hampered the work of the community. This is what the stable kernel responsible Greg Kroah-Hartman and the journalist and kernel developer Jonathan Corbet have pointed out in the past. Gleixner has also described this in detail in his presentation.
To overcome all the issues associated with the release of the vulnerabilities and patches, Gleixner has teamed up with the Linux Foundation and other active community members to develop a formalized approach that aims to bring the Linux community as early as possible, independently of individual companies or distributors to include discussion of hardware vulnerabilities. In addition, the usual development process of the Linux kernel community should be better represented.
The technically most important component of this procedure is the encrypted mailing list, which Gleixner created as a side project, as he noted in his presentation. A separate implementation of this technique had become necessary because there are very few existing solutions that also do not meet the special requirements of kernel hackers. Remail itself uses a relatively simple structure, uses existing techniques with MRA and SMTP server for receiving and sending, and for configuration Gleixner recommends the use of Git according to the documentation. A GUI and management tools are explicitly not. After all, the software is designed only for the very special usage scenario of the kernel developers.