[notmuch] indexing encrypted messages (was: OpenPGP support)

micah anderson micah at riseup.net
Fri Jan 8 11:41:26 PST 2010


On Fri, 8 Jan 2010 10:21:21 +0100, Ruben Pollan <meskio at sindominio.net> wrote:
> On 15:56, Fri 08 Jan 10, martin f krafft wrote:
> > How about indexing GPG-encrypted messages?
> 
> I think that would be security hole. You should not store the
> encrypted messages on a decrypted database. A solution whould be to
> encrypt as well the xapian DB, but I think is too complex for the use.

Would you consider it a security hole if you stored your database on
encrypted media (such as on-disk block encryption)?

I know that sup does this, when it ran over my mail store, it would
trigger my gpg agent so that it could decrypt the encrypted
messages. This was annoying because this happened every time it ran,
which meant that unless I had used gpg recently, my agent would pop up
and ask me for my passphrase, which was often.

The way Mutt provides this functionality is by decrypting only when you
perform the search itself.

micah
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20100108/5d884468/attachment.pgp>


More information about the notmuch mailing list