[Gaudenz Steinlin] Bug#810784: should match email adress case insensitive when sending encrypted mail

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jan 15 10:47:51 PST 2016


On Tue 2016-01-12 11:44:18 -0500, David Bremner wrote:
> [gaudenz wrote:]
>>   When sending encrypted mail the key lookup to encrypt to is done case
>>   sensitive on the mail address. As mail addresses are case insensitive
>>   this should be done case insensitive. Otherwise keys for users which for
>>   some reason have uppercase letters in their email address in the key UID
>>   are not found.

fwiw, i agree with gaudenz that this is the right thing to do, despite
being a gray area.

For the right-hand side of an e-mail address (the stuff after the @; the
e-mail domain), the DNS label there is case-insensitive by definition.

There may be some additional thinking to be done here when thinking
about non-ASCII DNS labels in the RHS, though -- should we be
normalizing the domain names in doing the search?  using punycode?

The stuff before the @ is a bit more problematic.

According to the standards documents, the left-hand-side of an e-mail
address (the "domain-specific" part) is up to the mail domain to parse
and process.  So it would not be a violation of the public
specifications for the operator of the MX for example.org to provide
three distinct mailboxes for alice at example.org and Alice at example.org and
ALICE at example.org.

However, i know of no mail providers that do so, and anyone proposing to
do such a thing should have their head examined.

Examining GnuPG's interface here, it looks like gpg already does
case-insensitive matching when searching for an e-mail address
surrounded by angle-brackets.

So where is the case-insensitive lookup happening?  Is this a bug in
mml-mode, or in notmuch-emacs?

          --dkg


More information about the notmuch mailing list