From: Daniel Kahn Gillmor
To: Notmuch Mail
Subject: session keys, version 2
Date: Thu, 30 Nov 2017 03:59:25 -0500
Message-Id: <20171130085946.11332-1-dkg@fifthhorseman.net>

This is the second revision of the session keys series. the earlier
version of this series can be found following
id:20171025065203.24403-1-dkg@fifthhorseman.net.

This version addresses the ideas and critiques raised on list about
the first version. In particular:

 * ./configure now detects and sets a HAVE_GMIME_SESSION_KEYS #define
   to consolidate the version number checking in one place.

 * the library contains a built_with("session_key") marker.

 * the command line syntax for new, insert, and reindex is now
   --decrypt=, instead of --try-decrypt=

 * the configuration option is now index.decrypt, instead of
   index.try_decrypt.

 * in alignment with the shift to a "decryption policy" vocabulary,
   i've changed notmuch_indexopts_{set,get}_try_decrypt to
   notmuch_indexopts_{set,get}_decrypt_policy. I think this is OK
   because the API has not been released yet.

The decryption policies remain the same:

+------------------------+-------+------+---------+------+
|                        | false | auto | nostash | true |
+========================+=======+======+=========+======+
| Index cleartext using  |       |  X   |    X    |  X   |
| stashed session keys   |       |      |         |      |
+------------------------+-------+------+---------+------+
| Index cleartext        |       |      |    X    |  X   |
| using secret keys      |       |      |         |      |
+------------------------+-------+------+---------+------+
| Stash session keys     |       |      |         |  X   |
+------------------------+-------+------+---------+------+
| Delete stashed session |   X   |      |         |      |
| keys on reindex        |       |      |         |      |
+------------------------+-------+------+---------+------+

I believe this addresses all the major concerns raised about the
earlier draft of this series, and i know that there are at least a few
people other than myself currently using this series.

Please let me know if you have any other feedback about this new
revision! I'd love to try to land this in 0.26.

      --dkg