allow indexing cleartext of encrypted messages

Tomi Ollila tomi.ollila at iki.fi
Fri Dec 11 14:05:20 PST 2015


On Fri, Dec 11 2015, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:

> On Wed 2015-12-09 22:39:37 -0500, Daniel Kahn Gillmor wrote:
>>  * the libnotmuch API is extended with
>>    notmuch_database_add_message_try_decrypt().  This should probably
>>    ultimately be more general, because there are a few additional
>>    knobs that i can imagine fiddling at indexing time.  For example:
>>
>>     * verifying cryptographic signatures and storing something about
>>       those verifications in the notmuch db
>>      
>>     * extracting OpenPGP session key information for a given message
>>       and storing it in a lookaside table in the notmuch db, so that
>>       it's possible to securely destroy old encryption-capable keys
>>       and still have local access to the cleartext of the remaining
>>       messages.
>>
>>    Some of these additional features might be orthogonal to one
>>    another as well.  I welcome suggestions for how to improve the API
>>    so that we don't end up with a combinatorial explosion of
>>    n_d_add_message_foo() functions.
>
> I have a proposal for how to do this better:
>
> I'll introduce a notmuch_index_options_t, with the usual constructors
> and destructors and a couple functions:
>
>   notmuch_index_options_set_try_decrypt()
>   notmuch_index_options_get_try_decrypt()
>   notmuch_index_options_set_gpg_path()
>   notmuch_index_options_get_gpg_path()
>
> Then i'll add:
>
>   notmuch_database_add_message_with_options(db, fname, options, &message)
>
> If we add new indexing features, they can be set directly in the
> index_options object (including features that might be more complex than
> a string or a bool, like a chain of command-line filters).
>
> a few nice features of this approach:
>
>  * The user of the library can craft a set of index options and repeat
>    it easily, and the options can contain cached/lazily-initialized
>    things (like GMimeCryptoContexts) if needed.
>
>  * The user can index different messages with different options if they
>    prefer (no need to set the options on the database object itself)
>
>  * the capability of the indexing features in the library is visible
>    directly in the exposed API.
>
> any thoughts on this?

sounds good (on paper) (*)

>
>     --dkg

Tomi

(*) deliberately declined to write 'looks good' >;) (but it's good)


More information about the notmuch mailing list