[PATCH] emacs: new crypto customization variable to control stashing of encryption session keys

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jun 19 09:42:04 PDT 2018


This is looking good to me, thanks!

two more bits of nit-pickery below:

On Tue 2018-06-19 08:20:12 -0700, Jameson Graef Rollins wrote:
> +(defcustom notmuch-show-stash-session-keys nil
> +  "Should session keys be stashed when decrypting messages for display?
> +
> +If this variable is non-nil session keys recovered while
> +decrypting messages for display will be stored in the database.
> +See description of --decrypt option in notmuch-show(1) for more
> +information.

do we want to include a warning here about the security of the index?
setting this value to true not only stashes the session keys, but it
also indexes the cleartext.  at the moment we're not directing people to
the same kind of warnings ("Be aware that the index… DO NOT USE …
without considering the security of your index.") that are present
already in notmuch-reindex(1) and notmuch-new(1) and notmuch-insert(1).
Perhaps notmuch-show(1) needs the same boilerplate warning, and we could
replicate some short version of it here too?

> +NOTE: Stashing encryption session keys requires opening the
> +notmuch database in read/write mode, which is not normally done

i'd say "not otherwise done" instead of "not normally done", since we
don't want to claim that people who use this feature aren't "normal" :)

      --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20180619/a39fec95/attachment.sig>


More information about the notmuch mailing list