crypto and draft messages [was: Re: Emacs: postponing messages]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jun 2 14:08:51 PDT 2016


On Thu 2016-06-02 14:21:44 -0400, Mark Walters wrote:
> There was some discussion on irc yesterday about a better way of
> postponing messages when using the emacs frontend. I think getting a
> moderately nice interface should be quite easy (see below) but there are
> some corner cases on what *should* happen that I would like to resolve
> before trying to implement anything.

one other corner case worth thinking about here (it can probably be
postponed until we have base cases handled, but i wanted to bring it up)
is how per-message cryptographic operations (mml-secure-*) interact with
drafts.

In particular, i think that any sort of message signing should *not*
happen during saving of a draft, but the intent to sign should be
preserved.  That is, we should save and restore the #secure tag when
saving a draft or restoring a draft, but the saved draft itself should
*not* be signed.

for encryption, i have a different (and arguably opposite) intuition.
if the sender has the ability to *decrypt* mails, i'd argue that saving
a draft should encrypt the draft, regardless of the draft's stated
intent to encrypt.

These cases matter because i know many people use tools like
offline-imap to sync their mail store with a remote mailserver.

if the remote mailserver can get a copy of the signed draft, it could
replay it (effectively making use of an unintentional signature).
Likewise, if the user doesn't think about encrypting a message until
they're ready to send it, then an intermediate/draft version of
the message might end up in cleartext on the remote server.

    --dkg
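
The draft policy proposed in the message above, as an added example (not part of the original message and not notmuch's code): the `#secure` directive is taken out of the saved draft so no signature is produced, the intent is kept as an inert field, and the draft is encrypted at rest whenever an encrypt-to-self function is available. The field name `X-Draft-Secure-Intent`, the function names and the base64 stand-in for OpenPGP are assumptions made for illustration.

```python
import base64
import re
from dataclasses import dataclass
from typing import Callable, Optional

# MML directive as written by mml-secure-*, e.g. <#secure method=pgpmime mode=sign>
SECURE_TAG = re.compile(r"<#secure\b([^>]*)>\n?")
INTENT_FIELD = "X-Draft-Secure-Intent"  # hypothetical field name, not a notmuch header


@dataclass
class StoredDraft:
    payload: str     # what lands in the (possibly synced) mail store
    encrypted: bool  # True when payload went through encrypt_to_self


def save_draft(mml_body: str,
               encrypt_to_self: Optional[Callable[[str], str]]) -> StoredDraft:
    """Save without signing; keep the intent; encrypt at rest when possible."""
    match = SECURE_TAG.search(mml_body)
    intent = match.group(1).strip() if match else ""
    # Remove the live directive so nothing signs the draft on save; the
    # intent survives only as an inert metadata line.
    body = SECURE_TAG.sub("", mml_body, count=1)
    inner = f"{INTENT_FIELD}: {intent}\n{body}"
    if encrypt_to_self is not None:
        # Applies even when the stated intent is sign-only or absent.
        return StoredDraft(encrypt_to_self(inner), True)
    return StoredDraft(inner, False)


def resume_draft(draft: StoredDraft,
                 decrypt: Optional[Callable[[str], str]] = None) -> str:
    """Rebuild the compose body, putting the #secure directive back."""
    inner = decrypt(draft.payload) if draft.encrypted else draft.payload
    first, _, body = inner.partition("\n")
    intent = first.split(":", 1)[1].strip()
    return f"<#secure {intent}>\n{body}" if intent else body


# Stand-ins for an OpenPGP encrypt-to-self / decrypt call. base64 is NOT
# encryption; it only makes this constructed example run offline.
def standin_encrypt(text: str) -> str:
    return base64.b64encode(text.encode()).decode()


def standin_decrypt(blob: str) -> str:
    return base64.b64decode(blob).decode()


# Constructed sample: a sign-only draft body.
SAMPLE = "<#secure method=pgpmime mode=sign>\nHi Mark,\n\nhalf-written reply\n"
```
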