[Review] Re: new "crypto" branch providing full PGP/MIME support

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Feb 28 10:59:54 PST 2011


On 02/28/2011 01:25 PM, Jameson Rollins wrote:
> On Mon, 28 Feb 2011 08:52:45 -0500, Ross Glover <ross at ross.mayfirst.org> wrote:
>> I too am now running the crypto branch and find it quite amazing.  The
>> one feature I would like added, though, is some face color or
>> auto-tagging in the search buffer for mail with encrypted mime parts.
>> It seems like this could be achieved with notmuch effort (by someone
>> notme) by adding similar functionality to that of attachments in
>> index.cc.
> 
> Yes, this is a good idea, Ross, and one that I've actually been wanting
> to implement.  I was thinking of auto-tagging messages with signed parts
> with something like "signed", and encrypted messages with "encrypted".
> Do people like those tags, or would they prefer to see something
> different?  Or more specific, like "pgp-signed"?

i don't care much about the difference between PGP/MIME and S/MIME
message formats, so i prefer the term "signed" to "pgp-signed" and
"encrypted" to "pgp-encrypted".

  ----

But: what does the "signed" tag mean? i wouldn't want to necessarily
conflate these four ideas:

 0) "this message claims to be cryptographically-signed"

 1) "we have verified a cryptographic signature over this message"

 2) "we have verified a cryptographic signature over this message from a
known key (that is, we believe we know who the key belongs to)"

 3) "we have verified a cryptographic signature on this message from the
sender claimed in the From: line"

3 implies 2, 2 implies 1, and 1 implies 0, of course.  But which level
would a "signed" tag signify?

I'll also note that signed+encrypted messages would not get tagged with
"signed" unless the recipient has successfully decrypted them.  And
then, it's possible that some sub-parts of a message are signed, and
others are not.  Would the tags indicate the maximum "level" found? or
the minimum?  something else?

  ----

For that matter, what would an automatically-placed "encrypted" tag
mean?  i can think of a few different approaches:

 0) some part of this message is wrapped in an encrypted MIME block

 1) some part of this message is wrapped in an encrypted MIME block that
claims to be decryptable by a key you control

 2) some part of this message is wrapped in an encrypted MIME block and
you can actually decrypt it (have decrypted it in the past?).

2 in particular couldn't be auto-assigned without having access to the
user's secret key material in the first place, but maybe it could be
assigned after a decryption succeeds?


	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/1bc77be0/attachment.pgp>


More information about the notmuch mailing list