unofficial mirror of notmuch@notmuchmail.org
 help / color / mirror / code / Atom feed
From: Ruben Pollan <meskio@sindominio.net>
To: micah anderson <micah@riseup.net>
Cc: notmuch@notmuchmail.org
Subject: Re: indexing encrypted messages (was:  OpenPGP support)
Date: Sun, 10 Jan 2010 13:42:59 +0100	[thread overview]
Message-ID: <20100110124259.GK15677@blackspot> (raw)
In-Reply-To: <873a2gbd09.fsf@lillypad.riseup.net>

[-- Attachment #1: Type: text/plain, Size: 1883 bytes --]

On 14:41, Fri 08 Jan 10, micah anderson wrote:
> On Fri, 8 Jan 2010 10:21:21 +0100, Ruben Pollan <meskio@sindominio.net> wrote:
> > On 15:56, Fri 08 Jan 10, martin f krafft wrote:
> > > How about indexing GPG-encrypted messages?
> > 
> > I think that would be security hole. You should not store the
> > encrypted messages on a decrypted database. A solution whould be to
> > encrypt as well the xapian DB, but I think is too complex for the use.
> 
> Would you consider it a security hole if you stored your database on
> encrypted media (such as on-disk block encryption)?

No, in this case should be not a security hole. But anyway what is secure and
what not should be defined by the user. For some users may not be a security
hole to store the email decrypted.

But I think notmuch by default should not do so. This kind of things should be
something that the user activate by hand knowing what she is doing.

> I know that sup does this, when it ran over my mail store, it would
> trigger my gpg agent so that it could decrypt the encrypted
> messages. This was annoying because this happened every time it ran,
> which meant that unless I had used gpg recently, my agent would pop up
> and ask me for my passphrase, which was often.

I didn't use sup. Don't know how it works. But that feature is technically
possible. As I said before in my personal opinion that should not be the 
out-of-the-box behavior.

> The way Mutt provides this functionality is by decrypting only when you
> perform the search itself.

Yes, but notmuch can not do that. notmuch indexes the messages and mutt not.



-- 
Rubén Pollán  | jabber:meskio@jabber.org
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Lo hago para no volverme loco cuando noto
que solo me queda un demonio en un hombro
por que se ha cortado las venas
el ángel que había en el otro.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

  reply	other threads:[~2010-01-10 12:40 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-11-23 13:00 OpenPGP support Jameson Graef Rollins
2009-11-26  6:01 ` Jameson Graef Rollins
2009-11-26  7:08   ` Aneesh Kumar K. V
2009-11-26 18:31     ` Jameson Graef Rollins
2009-11-26 19:12       ` Carl Worth
2010-01-08  2:56   ` indexing encrypted messages (was: OpenPGP support) martin f krafft
2010-01-08  8:09     ` Mike Hommey
2010-01-08  9:12       ` martin f krafft
2010-01-08  9:21     ` Ruben Pollan
2010-01-08 10:24       ` martin f krafft
2010-01-08 19:41       ` micah anderson
2010-01-10 12:42         ` Ruben Pollan [this message]
2010-01-08 10:37     ` James Westby
2010-01-14 10:03       ` Olly Betts
2009-11-26 18:41 ` OpenPGP support Carl Worth
2009-11-26 23:01   ` Keith Packard
2009-11-28  4:06     ` Carl Worth
2009-11-29 19:44   ` Jameson Graef Rollins

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://notmuchmail.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20100110124259.GK15677@blackspot \
    --to=meskio@sindominio.net \
    --cc=micah@riseup.net \
    --cc=notmuch@notmuchmail.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
Code repositories for project(s) associated with this public inbox

	https://yhetil.org/notmuch.git/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).