From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id D96E16DE0083 for ; Mon, 9 Apr 2018 03:23:56 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: 0.51 X-Spam-Level: X-Spam-Status: No, score=0.51 tagged_above=-999 required=5 tests=[AWL=-0.408, SPF_FAIL=0.919, SPF_HELO_PASS=-0.001] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id STrAB7XUjBDf for ; Mon, 9 Apr 2018 03:23:55 -0700 (PDT) Received: from immer7-21.glei.ch (immer7-b.glei.ch [212.103.72.240]) by arlo.cworth.org (Postfix) with ESMTPS id 7786F6DE0068 for ; Mon, 9 Apr 2018 03:23:54 -0700 (PDT) Received: from 127.0.0.1 (helo=localhost.localdomain) by immer7-21.glei.ch with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) id 1f5Txh-0006gS-Dw; Mon, 09 Apr 2018 12:23:45 +0200 Received: by rocinante.bitrigger.de (Postfix, from userid 1000) id 23E81A1CAF; Mon, 9 Apr 2018 12:23:44 +0200 (CEST) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="===============2904395255098456393==" MIME-Version: 1.0 Content-Disposition: inline From: Varac User-Agent: alot/0.7.0dev To: Daniel Kahn Gillmor , notmuch@notmuchmail.org References: <152268830863.8798.7409763089022466687@rocinante.bitrigger.de> <87o9itwg5x.fsf@fifthhorseman.net> In-Reply-To: <87o9itwg5x.fsf@fifthhorseman.net> Message-ID: <152326942407.5117.4428846108935868174@rocinante.bitrigger.de> Subject: Re: Header protection / memoryhole [was: Re: Header encryption / memoryhole] Date: Mon, 09 Apr 2018 12:23:44 +0200 X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Apr 2018 10:23:57 -0000 --===============2904395255098456393== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Hi Daniel, Thanks for clarifying! Greetings, Varac Quoting Daniel Kahn Gillmor (2018-04-08 23:18:34) > On Mon 2018-04-02 18:58:28 +0200, Varac wrote: > = > > I'd like to know the state of header encryption support for > > notmuch (aka memoryhole) [1]. > = > "memoryhole" refers to "protected headers", not just encrypted headers. > That is, the headers can be protected both by cryptographic signature > *and* by encryption. This is a subtlety, but probably worth getting > right as we work on documentation and implementations. > = > This is on my list of things to work on for notmuch, but i'd be happy if > someone else beat me to it. clearly i've taken too long to get this > done. > = > fwiw, memory-hole messages do display successfully in all versions of > notmuch i'm aware of, but they do so by rendering the "force-display" > part. so notmuch currently uses the fallback arrangements as explicitly > intended by the original memoryhole draft. > = > as i see it, the steps are (in order): > = > * handle encrypted subject correctly during message display time if the > message is being decrypted. > = > * handle encrypted subject specifically during message decryption at > indexing time, storing it the correct subject field, instead of > storing the "outside" subject. > = > * suppress display of any "force-display" part during message display > time. > = > * handle any other cryptographically-protected headers during display > and indexing. > = > * generate protected headers when encrypting mail. > = > = > i welcome help with any of these steps :) > = > --dkg --===============2904395255098456393== MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Description: signature Content-Type: application/pgp-signature; name="signature.asc"; charset="us-ascii" -----BEGIN PGP SIGNATURE----- iQIcBAABCgAGBQJayz8vAAoJEFRl5354du0EfXIP/1RMV0QteRrAuM9amCwSzoiq oCGKu0nU3ZpXE8D1/5rvIa4n1e/26xXh8uOJlSx8Bq9J3mZ+2tq5Ev+vPm8wVc6M xs64pC/IF1Ver4IBYdogDZuV/QIkZllrxQYjqeERYRb44W1Idzj38YSCayp9bijG Kg6r4WzxS3vz+syqz8PjADqfkMqu+e5X2UBvg+//A9u1Bq8qHHvE5KlkDrKngqbj oXI3YVgeRt91IEO6o12HxvdBWK7lEc3rWXtrndQiBQaNGzCW4M5Tkriy/W3Z3crF IK+wCK3rTRJ/yQemv3s7JsumKuVHRlX5qMlnARFO7u+jt5Gk86t3Zxr8ysFoQpOX UQkcSDeZ5SClKbSoXjy+JCquc5nqsnJwDA0rg3v70at289qfVs3+wT//uk/ZB3Cb wsKkqrgo3bJ5hhpdAM9hbeUF/X1/7m/lfTfSb1Ghbr5b8YBFhE7RQLJF8pOjA2kY Izf7He5oCMBt0zSUxny0g7fh0P+I6WgLXi5TCDZEnfNsdXJpCW3IhczK1dIw40/6 r0W4CkHjduQM95QChox+LVqN1dEzgSIxtNoMSOSqTd/bEQzblnYXIJNgAMCq/vSB 4FxunqCiWl9V7OaWR4VE9NdrzOLQi1+vohwALTQ3FTQXPyUHaSCSVvLw/BXySAI+ Mq7WewrPTS0KP2+zmw0o =8eXr -----END PGP SIGNATURE----- --===============2904395255098456393==--