unofficial mirror of notmuch@notmuchmail.org
* alot: can't read sent emails, after encryption
@ 2013-11-12 14:27 apmanine
  2013-11-12 23:01 ` Ruben Pollan
  2013-11-16 20:47 ` Jameson Graef Rollins
  0 siblings, 2 replies; 12+ messages in thread
From: apmanine @ 2013-11-12 14:27 UTC (permalink / raw)
  To: notmuch


Hi,

I have recently switched to notmuch. Thank you for it!
I'm using "alot" as a frontend (thank you for it, too!). Everything
works smoothly, apart from one problem: with alot, I can't figure out how
to read encrypted emails I previously sent: they appear to be encrypted
using the addressee's key.

Is there some way to store encrypted sent emails with my own public gpg
key?

Thanks,

Alain-Pierre

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-12 14:27 alot: can't read sent emails, after encryption apmanine
@ 2013-11-12 23:01 ` Ruben Pollan
  2013-11-13  7:49   ` apmanine
  2013-11-16 20:47 ` Jameson Graef Rollins
  1 sibling, 1 reply; 12+ messages in thread
From: Ruben Pollan @ 2013-11-12 23:01 UTC (permalink / raw)
  To: apmanine, notmuch

[-- Attachment #1: Type: text/plain, Size: 935 bytes --]

Quoting apmanine@idaaas.com (2013-11-12 15:27:42)
> I have recently switched to notmuch. Thank you for it!
> I'm using "alot" as a frontend (thank you for it, too!). Everything
> works smoothly, apart from one problem: with alot, I can't figure out how
> to read encrypted emails I previously sent: they appear to be encrypted
> using the addressee's key.
> 
> Is there some way to store encrypted sent emails with my own public gpg
> key?

Same problem here, I think what is stored is the email that was sent. It will be
great if alot stores it as you say with your own public gpg key.

I think we should open an issue about it in the alot github tracker:
https://github.com/pazz/alot/issues
Can you do it?


-- 
Ruben Pollan  | http://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: http://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-12 23:01 ` Ruben Pollan
@ 2013-11-13  7:49   ` apmanine
  0 siblings, 0 replies; 12+ messages in thread
From: apmanine @ 2013-11-13  7:49 UTC (permalink / raw)
  To: Ruben Pollan, notmuch

Quoting Ruben Pollan (2013-11-13 00:01:21)
> 
> Same problem here, I think what is stored is the email that was sent. It will be
> great if alot stores it as you say with your own public gpg key.
>
> I think we should open an issue about it in the alot github tracker:
> https://github.com/pazz/alot/issues
> Can you do it?

Thank you for your answer.
I'm going to open an issue.


Alain-Pierre

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-12 14:27 alot: can't read sent emails, after encryption apmanine
  2013-11-12 23:01 ` Ruben Pollan
@ 2013-11-16 20:47 ` Jameson Graef Rollins
  2013-11-17 18:57   ` Patrick Totzke
  1 sibling, 1 reply; 12+ messages in thread
From: Jameson Graef Rollins @ 2013-11-16 20:47 UTC (permalink / raw)
  To: apmanine, notmuch

[-- Attachment #1: Type: text/plain, Size: 926 bytes --]

On Tue, Nov 12 2013, apmanine@idaaas.com wrote:
> I have recently switched to notmuch. Thank you for it!
> I'm using "alot" as a frontend (thank you for it, too!). Everything
> works smoothly, apart from one problem: with alot, I can't figure out how
> to read encrypted emails I previously sent: they appear to be encrypted
> using the addressee's key.
>
> Is there some way to store encrypted sent emails with my own public gpg
> key?

What you really want is to tell gpg to always encrypt messages to your
personal key as well, which will always make them viewable by you.  This
way you don't have to worry about saving unencrypted versions of the
message to disk, or there being two distinct versions of the message
(one encrypted to the recipient and a different one encrypted to you).

See the "encrypt-to" gpg option [0].

jamie.

[0] http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-16 20:47 ` Jameson Graef Rollins
@ 2013-11-17 18:57   ` Patrick Totzke
  2013-11-17 19:43     ` Jameson Graef Rollins
  2013-11-17 20:51     ` apmanine
  0 siblings, 2 replies; 12+ messages in thread
From: Patrick Totzke @ 2013-11-17 18:57 UTC (permalink / raw)
  To: Jameson Graef Rollins, apmanine, notmuch

[-- Attachment #1: Type: text/plain, Size: 1326 bytes --]

Quoting Jameson Graef Rollins (2013-11-16 21:47:02)
> On Tue, Nov 12 2013, apmanine@idaaas.com wrote:
> > I have recently switched to notmuch. Thank you for it!
> > I'm using "alot" as a frontend (thank you for it, too!). Everything
> > works smoothly, apart from one problem: with alot, I can't figure out how
> > to read encrypted emails I previously sent: they appear to be encrypted
> > using the addressee's key.
> >
> > Is there some way to store encrypted sent emails with my own public gpg
> > key?
> 
> What you really want is to tell gpg to always encrypt messages to your
> personal key as well, which will always make them viewable by you.  This
> way you don't have to worry about saving unencrypted versions of the
> message to disk, or there being two distinct versions of the message
> (one encrypted to the recipient and a different one encrypted to you).
> 
> See the "encrypt-to" gpg option [0].
> 
> jamie.
> 
> [0] http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html

Is this how notmuch emacs does it? I mean, is there some option to tell
emacs to always call gpg with --encrypt-to=me ?
I wonder if I need to change alot in any way or if one can simply globally configure
gnupg.. alot does not call the gpg binary but uses pygpgme.
cheers,
/p

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-17 18:57   ` Patrick Totzke
@ 2013-11-17 19:43     ` Jameson Graef Rollins
  2013-11-18  7:38       ` Alain-Pierre Manine
  2013-11-18 13:17       ` Ruben Pollan
  2013-11-17 20:51     ` apmanine
  1 sibling, 2 replies; 12+ messages in thread
From: Jameson Graef Rollins @ 2013-11-17 19:43 UTC (permalink / raw)
  To: Patrick Totzke, apmanine, notmuch

[-- Attachment #1: Type: text/plain, Size: 1845 bytes --]

On Sun, Nov 17 2013, Patrick Totzke <patricktotzke@gmail.com> wrote:
> Quoting Jameson Graef Rollins (2013-11-16 21:47:02)
>> On Tue, Nov 12 2013, apmanine@idaaas.com wrote:
>> > I have recently switched to notmuch. Thank you for it!
>> > I'm using "alot" as a frontend (thank you for it, too!). Everything
>> > works smoothly, apart from one problem: with alot, I can't figure out how
>> > to read encrypted emails I previously sent: they appear to be encrypted
>> > using the addressee's key.
>> >
>> > Is there some way to store encrypted sent emails with my own public gpg
>> > key?
>> 
>> What you really want is to tell gpg to always encrypt messages to your
>> personal key as well, which will always make them viewable by you.  This
>> way you don't have to worry about saving unencrypted versions of the
>> message to disk, or there being two distinct versions of the message
>> (one encrypted to the recipient and a different one encrypted to you).
>> 
>> See the "encrypt-to" gpg option [0].
>> 
>> jamie.
>> 
>> [0] http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html
>
> Is this how notmuch emacs does it? I mean, is there some option to tell
> emacs to always call gpg with --encrypt-to=me ?
> I wonder if I need to change alot in any way or if one can simply globally configure
> gnupg.. alot does not call the gpg binary but uses pygpgme.

You do not need to change alot, just as notmuch emacs also doesn't need
to do anything special to allow for this.  Just add an

encrypt-to <keyid>

line to your ~/.gnupg/gpg.conf, where <keyid> is your personal keyid.
Then all encrypted data is also encrypted to your personal key, making
it always viewable by you as well.  Then you can just open your
encrypted sent mail as you would any other encrypted mail.

jamie.

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-17 18:57   ` Patrick Totzke
  2013-11-17 19:43     ` Jameson Graef Rollins
@ 2013-11-17 20:51     ` apmanine
  1 sibling, 0 replies; 12+ messages in thread
From: apmanine @ 2013-11-17 20:51 UTC (permalink / raw)
  To: Patrick Totzke, Jameson Graef Rollins, notmuch

Quoting Patrick Totzke (2013-11-17 19:57:54)
> Quoting Jameson Graef Rollins (2013-11-16 21:47:02)
> > On Tue, Nov 12 2013, apmanine@idaaas.com wrote:
> > > I have recently switched to notmuch. Thank you for it!
> > > I'm using "alot" as a frontend (thank you for it, too!). Everything
> > > works smoothly, apart from one problem: with alot, I can't figure out how
> > > to read encrypted emails I previously sent: they appear to be encrypted
> > > using the addressee's key.
> > >
> > > Is there some way to store encrypted sent emails with my own public gpg
> > > key?
> > 
> > What you really want is to tell gpg to always encrypt messages to your
> > personal key as well, which will always make them viewable by you.  This
> > way you don't have to worry about saving unencrypted versions of the
> > message to disk, or there being two distinct versions of the message
> > (one encrypted to the recipient and a different one encrypted to you).
> > 
> > See the "encrypt-to" gpg option [0].
> > 
> > jamie.
> > 
> > [0] http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html
> 
> Is this how notmuch emacs does it? I mean, is there some option to tell
> emacs to always call gpg with --encrypt-to=me ?
> I wonder if I need to change alot in any way or if one can simply globally configure
> gnupg.. alot does not call the gpg binary but uses pygpgme.
> cheers,
> /p

I didn't have time to test yet, but this thread suggests that
the --encrypt-to option is the recommended way for notmuch-emacs:

  > 2. This is not necessarily related to notmuch itself but rather to
  > message-mode: Why are the mails that are fcc'ed to my sent-folder
  > encrypted with the recipient's key (instead of my own or simply no
  > key)?  I.e. why can't I read my own mails? Is there any way to make
  > this work? 

  What about setting this on the gpg level with the "encrypt-to" option? 

source: http://notmuch.198994.n3.nabble.com/Inline-encryption-encryption-failure-when-storing-sent-mails-td4028572.html

Alain-Pierre

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-17 19:43     ` Jameson Graef Rollins
@ 2013-11-18  7:38       ` Alain-Pierre Manine
  2013-11-18  9:21         ` Patrick Totzke
  2013-11-18 13:17       ` Ruben Pollan
  1 sibling, 1 reply; 12+ messages in thread
From: Alain-Pierre Manine @ 2013-11-18  7:38 UTC (permalink / raw)
  To: Jameson Graef Rollins, Patrick Totzke, notmuch

Quoting Jameson Graef Rollins (2013-11-17 20:43:25)
> On Sun, Nov 17 2013, Patrick Totzke <patricktotzke@gmail.com> wrote:
> > Quoting Jameson Graef Rollins (2013-11-16 21:47:02)
> >> On Tue, Nov 12 2013, apmanine@idaaas.com wrote:
> >> > I have recently switched to notmuch. Thank you for it!
> >> > I'm using "alot" as a frontend (thank you for it, too!). Everything
> >> > works smoothly, apart from one problem: with alot, I can't figure out how
> >> > to read encrypted emails I previously sent: they appear to be encrypted
> >> > using the addressee's key.
> >> >
> >> > Is there some way to store encrypted sent emails with my own public gpg
> >> > key?
> >> 
> >> What you really want is to tell gpg to always encrypt messages to your
> >> personal key as well, which will always make them viewable by you.  This
> >> way you don't have to worry about saving unencrypted versions of the
> >> message to disk, or there being two distinct versions of the message
> >> (one encrypted to the recipient and a different one encrypted to you).
> >> 
> >> See the "encrypt-to" gpg option [0].
> >> 
> >> jamie.
> >> 
> >> [0] http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html
> >
> > Is this how notmuch emacs does it? I mean, is there some option to tell
> > emacs to always call gpg with --encrypt-to=me ?
> > I wonder if I need to change alot in any way or if one can simply globally configure
> > gnupg.. alot does not call the gpg binary but uses pygpgme.
> 
> > You do not need to change alot, just as notmuch emacs also doesn't need to
> do anything special to allow for this.  Just add an
> 
> encrypt-to <keyid>
> 
> line to your ~/.gnupg/gpg.conf, where <keyid> is your personal keyid.
> Then all encrypted data is also encrypted to your personal key, making
> it always viewable by you as well.  Then you can just open your
> encrypted sent mail as you would any other encrypted mail.
> 
> jamie.

It's working! Thanks for the explanations.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-18  7:38       ` Alain-Pierre Manine
@ 2013-11-18  9:21         ` Patrick Totzke
  2013-11-18 17:59           ` Jameson Graef Rollins
  0 siblings, 1 reply; 12+ messages in thread
From: Patrick Totzke @ 2013-11-18  9:21 UTC (permalink / raw)
  To: Alain-Pierre Manine, Jameson Graef Rollins, notmuch

[-- Attachment #1: Type: text/plain, Size: 2404 bytes --]

Quoting Alain-Pierre Manine (2013-11-18 08:38:33)
> Quoting Jameson Graef Rollins (2013-11-17 20:43:25)
> > On Sun, Nov 17 2013, Patrick Totzke <patricktotzke@gmail.com> wrote:
> > > Quoting Jameson Graef Rollins (2013-11-16 21:47:02)
> > >> On Tue, Nov 12 2013, apmanine@idaaas.com wrote:
> > >> > I have recently switched to notmuch. Thank you for it!
> > >> > I'm using "alot" as a frontend (thank you for it, too!). Everything
> > >> > works smoothly, apart from one problem: with alot, I can't figure out how
> > >> > to read encrypted emails I previously sent: they appear to be encrypted
> > >> > using the addressee's key.
> > >> >
> > >> > Is there some way to store encrypted sent emails with my own public gpg
> > >> > key?
> > >> 
> > >> What you really want is to tell gpg to always encrypt messages to your
> > >> personal key as well, which will always make them viewable by you.  This
> > >> way you don't have to worry about saving unencrypted versions of the
> > >> message to disk, or there being two distinct versions of the message
> > >> (one encrypted to the recipient and a different one encrypted to you).
> > >> 
> > >> See the "encrypt-to" gpg option [0].
> > >> 
> > >> jamie.
> > >> 
> > >> [0] http://www.gnupg.org/documentation/manuals/gnupg-devel/GPG-Key-related-Options.html
> > >
> > > Is this how notmuch emacs does it? I mean, is there some option to tell
> > > emacs to always call gpg with --encrypt-to=me ?
> > > I wonder if I need to change alot in any way or if one can simply globally configure
> > > gnupg.. alot does not call the gpg binary but uses pygpgme.
> > 
> > > You do not need to change alot, just as notmuch emacs also doesn't need to
> > do anything special to allow for this.  Just add an
> > 
> > encrypt-to <keyid>
> > 
> > line to your ~/.gnupg/gpg.conf, where <keyid> is your personal keyid.
> > Then all encrypted data is also encrypted to your personal key, making
> > it always viewable by you as well.  Then you can just open your
> > encrypted sent mail as you would any other encrypted mail.
> > 
> > jamie.
> 
> It's working! Thanks for the explanations.


Excellent, thanks Jamie.
I wasn't aware of this setting and assumed that the stuff in the
gnupg config file only applies to gpg itself and not, as in alot,
for calls through the gpgme library.
Thanks for testing this Alain-Pierre.
/p

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-17 19:43     ` Jameson Graef Rollins
  2013-11-18  7:38       ` Alain-Pierre Manine
@ 2013-11-18 13:17       ` Ruben Pollan
  2013-11-18 15:52         ` Daniel Kahn Gillmor
  1 sibling, 1 reply; 12+ messages in thread
From: Ruben Pollan @ 2013-11-18 13:17 UTC (permalink / raw)
  To: Jameson Graef Rollins, Patrick Totzke, apmanine, notmuch

[-- Attachment #1: Type: text/plain, Size: 1311 bytes --]

Quoting Jameson Graef Rollins (2013-11-17 20:43:25)
> On Sun, Nov 17 2013, Patrick Totzke <patricktotzke@gmail.com> wrote:
> > Is this how notmuch emacs does it? I mean, is there some option to tell
> > emacs to always call gpg with --encrypt-to=me ?
> > I wonder if I need to change alot in any way or if one can simply globally configure
> > gnupg.. alot does not call the gpg binary but uses pygpgme.
> 
> > You do not need to change alot, just as notmuch emacs also doesn't need to
> do anything special to allow for this.  Just add an
> 
> encrypt-to <keyid>
> 
> line to your ~/.gnupg/gpg.conf, where <keyid> is your personal keyid.
> Then all encrypted data is also encrypted to your personal key, making
> it always viewable by you as well.  Then you can just open your
> encrypted sent mail as you would any other encrypted mail.

If I have two identities, with two different gpg keys (key1 and key2), and I set
'encrypt-to key1' when I send emails with my identity of key2 it will also
encrypt it with my key1 and will reveal to its receivers that I own key1. Isn't
it?


-- 
Ruben Pollan  | http://meskio.net/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 My contact info: http://meskio.net/crypto.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nos vamos a Croatan.

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: alot: can't read sent emails, after encryption
  2013-11-18 13:17       ` Ruben Pollan
@ 2013-11-18 15:52         ` Daniel Kahn Gillmor
  0 siblings, 0 replies; 12+ messages in thread
From: Daniel Kahn Gillmor @ 2013-11-18 15:52 UTC (permalink / raw)
  To: notmuch

[-- Attachment #1: Type: text/plain, Size: 2046 bytes --]

On 11/18/2013 05:17 AM, Ruben Pollan wrote:
> If I have t[w]o identities, with two different gpg keys (key1 and key2), and I set 
> 'encrypt-to key1' when I send emails with my identity of key2 it will also 
> encrypt it with my key1 and will reveal to its receivers that I own key1. Isn't 
> it?

It won't formally *prove* that you own key1 (no one will be able to say
for sure that the public key encrypted session key packet actually is
decryptable by key1, it just has the 64-bit keyid embedded in the PKESK,
and even if it did, it could arguably have been added as a Bcc: to
another independent person), but it will certainly imply to anyone who
gets more than a single message from you that there is this other key
involved somehow.

If you have multiple identities, there are other approaches you could
take without changing alot itself, for example:

You could have two separate ~/.gnupg directories, and you could launch
alot differently, with "GNUPGHOME=~/.gnupg-key1 alot" or
"GNUPGHOME=~/.gnupg-key2 alot" to make these responses.

If you really care deeply about keeping the identities distinct, you
might even want to split your notmuch dataset into two places as well,
so that you don't accidentally reply from one identity to another
identity's message:

 NOTMUCH_CONFIG=~/.notmuch-config-key1 GNUPGHOME=~/.gnupg-key1 alot

and so forth.

or you could use two distinct user accounts or virtual machines so that
the data has even fewer possibilities of being mixed (e.g. ensuring that
the outbound SMTP path, and/or the message-IDs generated when sending
each message don't share any features that might leak their common
provenance).

None of this is particularly convenient; maintaining separate identities
that are difficult for an adversary to re-correlate is a serious challenge.

That said, i can imagine that alot (and other notmuch frontends) could
be improved to support this use case directly without forcing users to
go through the extra hoops i've envisioned above.

	--dkg


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 1027 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread
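
The key IDs discussed in the message above sit unencrypted at the front of every OpenPGP message, so the effect of an "encrypt-to" line can be checked on a sent mail. The following is an added example, not code from this thread, alot or notmuch: a Python parser that lists the key IDs in the PKESK packets of a binary (de-armored) message and reports any that are not expected for the identity in use. All key IDs and packet bytes in it are constructed sample data.

```python
"""Added example: list the recipient key IDs exposed by an OpenPGP message."""

PKESK_TAG = 1                    # Public-Key Encrypted Session Key packet
WILDCARD = "0000000000000000"    # key ID of zero: recipient deliberately hidden
                                 # (what gpg's hidden-encrypt-to option emits)


def read_header(data, pos):
    """Return (tag, body_start, body_length, partial) for the packet at pos."""
    first = data[pos]
    if not first & 0x80:
        raise ValueError("no OpenPGP packet at offset %d" % pos)
    if first & 0x40:                                   # new-format header
        tag, o1 = first & 0x3F, data[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1, False
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + data[pos + 2] + 192, False
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(data[pos + 2:pos + 6], "big"), False
        return tag, pos + 2, 1 << (o1 & 0x1F), True    # partial body length
    tag, ltype = (first >> 2) & 0x0F, first & 0x03     # old-format header
    if ltype == 3:                                     # indeterminate length
        return tag, pos + 1, len(data) - pos - 1, False
    size = (1, 2, 4)[ltype]
    length = int.from_bytes(data[pos + 1:pos + 1 + size], "big")
    return tag, pos + 1 + size, length, False


def recipient_key_ids(message):
    """Key IDs from the PKESK packets that lead a binary OpenPGP message."""
    ids, pos = [], 0
    try:
        while pos < len(message):
            tag, start, length, partial = read_header(message, pos)
            if tag not in (PKESK_TAG, 3, 10):      # 3 = SKESK, 10 = marker
                break                              # encrypted data starts here
            if tag == PKESK_TAG:
                body = message[start:start + length]
                if partial or len(body) < max(length, 10) or body[0] != 3:
                    raise ValueError("truncated or unsupported PKESK packet")
                ids.append(body[1:9].hex().upper())  # version, 8-byte key ID
            pos = start + length
    except IndexError:
        raise ValueError("truncated packet header") from None
    return ids


def unexpected_recipients(message, expected):
    """Key IDs every receiver can see that are not in the expected set."""
    # A v4 key ID is the low 64 bits of the fingerprint, so accept either form.
    # The ID on the wire belongs to the encryption (sub)key, not the primary.
    wanted = {k.replace(" ", "").upper()[-16:] for k in expected}
    return [k for k in recipient_key_ids(message)
            if k != WILDCARD and k not in wanted]


# --- constructed sample data (not real keys or real ciphertext) ---
CORRESPONDENT = "0123456789ABCDEF"   # key of the person being written to
KEY1 = "1111111111111111"            # identity named by "encrypt-to" in gpg.conf
KEY2 = "2222222222222222"            # identity the mail is actually sent as


def make_pkesk(key_id, new_format=True):
    """Build a syntactically valid v3 PKESK with a dummy one-byte MPI."""
    body = b"\x03" + bytes.fromhex(key_id) + b"\x01" + b"\x00\x08\xAA"
    return bytes([0xC1 if new_format else 0x84, len(body)]) + body


ENCRYPTED_DATA = bytes([0xD2, 5, 1]) + b"\x00" * 4   # dummy tag-18 packet
SAMPLE = make_pkesk(CORRESPONDENT) + make_pkesk(KEY1, False) + ENCRYPTED_DATA
HIDDEN = make_pkesk(CORRESPONDENT) + make_pkesk(WILDCARD) + ENCRYPTED_DATA

if __name__ == "__main__":
    print("recipients :", recipient_key_ids(SAMPLE))
    print("unexpected :", unexpected_recipients(SAMPLE, {CORRESPONDENT, KEY2}))
    print("hidden case:", recipient_key_ids(HIDDEN))
```

`gpg --list-packets` reports the same key IDs on its `:pubkey enc packet:` lines; armored mail has to be de-armored (for example with `gpg --dearmor`) before it is passed to `recipient_key_ids`.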

* Re: alot: can't read sent emails, after encryption
  2013-11-18  9:21         ` Patrick Totzke
@ 2013-11-18 17:59           ` Jameson Graef Rollins
  0 siblings, 0 replies; 12+ messages in thread
From: Jameson Graef Rollins @ 2013-11-18 17:59 UTC (permalink / raw)
  To: Patrick Totzke, Alain-Pierre Manine, notmuch

[-- Attachment #1: Type: text/plain, Size: 428 bytes --]

On Mon, Nov 18 2013, Patrick Totzke <patricktotzke@gmail.com> wrote:
> Excellent, thanks Jamie.
> I wasn't aware of this setting and assumed that the stuff in the
> gnupg config file only applies to gpg itself and not, as in alot,
> for calls through the gpgme library.

Actually, bizarrely, there is no actual gpg library.  gpgme just calls
the gpg binary underneath.  Therefore all gpg settings work for gpgme as
well.

jamie.

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread
