From: Daniel Kahn Gillmor
To: Notmuch Mail
Subject: Easing access to the cryptographic envelope
Date: Wed, 24 Apr 2019 14:31:09 -0400
Message-Id: <20190424183113.29242-1-dkg@fifthhorseman.net>

E-mail structures are potentially arbitrarily complicated. Cryptographic protection standards like S/MIME and OpenPGP or PGP/MIME are often applicable to some elements of some messages.

Last year's "E-Fail" attacks made it clear that trying to provide normal users with cryptographic protections on piecemeal parts of an e-mail message is a recipe for disaster, both from an implementation perspective and a user experience perspective.

I've argued in more detail at [0] about the need to treat cryptographic protections at the message level, rather than at the subpart level.

[0] https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html

This series makes "notmuch show" track and emit message-wide cryptographic state, providing an interface that simple clients that use "notmuch show" can rely on for their UI and UX.

It doesn't yet apply this layer to the emacs interface, because at the moment many users of the emacs interface are nerds who are as likely to understand the intricacies of MIME structure as anyone, and for the moment, just augmenting the notmuch show schemata in a sensible way is enough of a chunk to bite off. (though I'd be happy to review and support the use of this per-message cryptographic state in notmuch-emacs if/when this lands!)

I'd appreciate any review and feedback!

Regards,

--dkg