Re: [Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag

Re: [Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag

[Gregor Zattler]

Hi Nicolas, Damien,

this is great functionality!  But I have problems using this:
* Nicolas Petton <petton.nicolas@gmail.com> [2018-04-04; 14:33]:
> branch: master
> commit 29006a6fd8e989013098b0281aa0b9efe13feb1d
> Author: Damien Cassou <damien@cassou.me>
> Commit: Nicolas Petton <nicolas@petton.fr>
>
>     Detect if a message can be encrypted and add an MML tag
>     
>     * lisp/gnus/message.el (message-all-recipients): Return a list of
>     pairs, one for each recipient in To, Cc, Bcc.
>     (message-all-epg-keys-available-p): Check that there is a public key
>     in epg for each recipient of the current message.
>     (message-sign-encrypt-if-all-keys-available): Add MML tag to sign and
>     encrypt current message if there is a public key for every recipient
>     in current message.
>     
>     * test/lisp/gnus/message-tests.el (message-all-recipients): Test for
>     message-all-recipients.
> ---
>  etc/NEWS                        |  8 +++++++
>  lisp/gnus/message.el            | 30 +++++++++++++++++++++++++++
>  test/lisp/gnus/message-tests.el | 46 +++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 84 insertions(+)
>
> diff --git a/etc/NEWS b/etc/NEWS
> index baff966..02b31ec 100644
> --- a/etc/NEWS
> +++ b/etc/NEWS
> @@ -337,6 +337,14 @@ or NextCloud hosted files and directories.
>  It was obsolete since Emacs 22.1, replaced by customize.
>  
>  \f
> +** Message
> +
> ++++
> +*** Messages can now be systematically encrypted
> +when the PGP keyring contains a public key for every recipient.  To
> +achieve this, add 'message-add-encrypt-tag-if-can-encrypt' to
> +'message-send-hook'.

When doing so I get:

run-hooks: Symbol’s function definition is void:
message-add-encrypt-tag-if-can-encrypt when sending a email.

Actually rgrepping emacs source for
"message-add-encrypt-tag-if-can-encrypt" finds only this very
NEWS entry.

Instead I added message-sign-encrypt-if-all-keys-available to
message-send-hook.  This works but there are two separate issues:

1) It adds the MML tags even if the recipients key is disabled.

2) More complicated: The UI does not provide a means to
temporarily not use encryption (when e.g. you know your
correspondent is on vacation and reads email on a smartphone
without decryption facilities).  The only way to send an
unencrypted email to a recipient for whom I have the
corresponding pub key, is to delete
message-sign-encrypt-if-all-keys-available from message-send-hook
before sending.

Thanks for working on this urgently needed feature, Gregor

Re: [Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag

[Damien Cassou]

Gregor Zattler <telegraph@gmx.net> writes:
> run-hooks: Symbol’s function definition is void:
> message-add-encrypt-tag-if-can-encrypt when sending a email.


right. I will send a patch fixing the NEWS entry. Thanks for the report.


> 1) It adds the MML tags even if the recipients key is disabled.


I don't know what "the recipients key is disabled" means.


> 2) More complicated: The UI does not provide a means to
> temporarily not use encryption (when e.g. you know your
> correspondent is on vacation and reads email on a smartphone
> without decryption facilities).  The only way to send an
> unencrypted email to a recipient for whom I have the
> corresponding pub key, is to delete
> message-sign-encrypt-if-all-keys-available from message-send-hook
> before sending.


I agree. We could add a boolean buffer-local variable that the user
could toggle with something like `M-x
message-toggle-sign-encrypt-if-all-keys-available`. This would only
affect the current buffer. What do you think?

-- 
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without
losing enthusiasm." --Winston Churchill

Re: [Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag

[Herring, Davis]

> I agree. We could add a boolean buffer-local variable that the user
> could toggle with something like `M-x
> message-toggle-sign-encrypt-if-all-keys-available`. This would only
> affect the current buffer. What do you think?

Presumably you'd want separate toggles for signing and encrypting (and maybe only the latter): maybe

  M-x message-toggle-encryption
  M-x message-toggle-signing

Davis

Re: [Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag

[Gregor Zattler]

Hi Damien,
* Damien Cassou <damien@cassou.me> [2018-04-11; 13:44]:
> Gregor Zattler <telegraph@gmx.net> writes:
>> run-hooks: Symbol’s function definition is void:
>> message-add-encrypt-tag-if-can-encrypt when sending a email.
>
>
> right. I will send a patch fixing the NEWS entry. Thanks for the report.
>
>
>> 1) It adds the MML tags even if the recipients key is disabled.
> I don't know what "the recipients key is disabled" means.

A user may have a recipients public key in GnuPGs public key ring
but disable it.  The key is the labled as disabled in key
listings and gpg does not use it for encryption.
This feature comes in handy if a recipient of yours forgot
his/her passphrase to the private part of the key pair or lost
the private key.  In this case you may disable the public key in your
keyring.  Then this public key is not used in the future for
encryption but you are still able to verify signatures made with
the corresponding private key in the past.

Therefore disabled keys should not be considered with respect to
the question if there are public keys for all recipients of a
given message. 

>> 2) More complicated: The UI does not provide a means to
>> temporarily not use encryption (when e.g. you know your
>> correspondent is on vacation and reads email on a smartphone
>> without decryption facilities).  The only way to send an
>> unencrypted email to a recipient for whom I have the
>> corresponding pub key, is to delete
>> message-sign-encrypt-if-all-keys-available from message-send-hook
>> before sending.
>
>
> I agree. We could add a boolean buffer-local variable that the user
> could toggle with something like `M-x
> message-toggle-sign-encrypt-if-all-keys-available`. This would only
> affect the current buffer. What do you think?

Yes, or slightly easier for the user to handle: a
command which removes the MML tags and sets this buffer local
variable or even then sends the message again.

Thanks for considering this.

Have a nice day, Gregor

Re: [Emacs-diffs] master 29006a6: Detect if a message can be encrypted and add an MML tag

[Jens Lechtenboerger]

>> 1) It adds the MML tags even if the recipients key is disabled.
>
>
> I don't know what "the recipients key is disabled" means.

Function mml-secure-check-sub-key avoids disabled keys,
mml-secure-find-usable-keys calls that.  You may want to call the
latter instead of epg-list-keys.  That’s what I do in jl-encrypt.el
[1].

>> 2) More complicated: The UI does not provide a means to
>> temporarily not use encryption [...]
>
> I agree. We could add a boolean buffer-local variable that the user
> could toggle with something like `M-x
> message-toggle-sign-encrypt-if-all-keys-available`. This would only
> affect the current buffer. What do you think?

In jl-encrypt.el the user can confirm that they really want to send
plaintext although keys are available.

Best wishes
Jens

[1] https://www.informationelle-selbstbestimmung-im-internet.de/Emacs.html