From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 35D666DE0083 for ; Tue, 14 Nov 2017 05:13:55 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[AWL=0.010, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1zV2meFraxsh for ; Tue, 14 Nov 2017 05:13:54 -0800 (PST) Received: from fethera.tethera.net (fethera.tethera.net [198.245.60.197]) by arlo.cworth.org (Postfix) with ESMTPS id 882496DE0068 for ; Tue, 14 Nov 2017 05:13:54 -0800 (PST) Received: from remotemail by fethera.tethera.net with local (Exim 4.89) (envelope-from ) id 1eEb2H-0002ap-Km; Tue, 14 Nov 2017 08:13:53 -0500 Received: (nullmailer pid 13344 invoked by uid 1000); Tue, 14 Nov 2017 13:13:52 -0000 From: David Bremner To: Daniel Kahn Gillmor , Notmuch Mail Subject: Re: [PATCH 05/18] crypto: Test restore of cleartext index from stashed session keys In-Reply-To: <20171025065203.24403-6-dkg@fifthhorseman.net> References: <20171025065203.24403-1-dkg@fifthhorseman.net> <20171025065203.24403-6-dkg@fifthhorseman.net> Date: Tue, 14 Nov 2017 09:13:52 -0400 Message-ID: <87o9o59f5b.fsf@tethera.net> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Nov 2017 13:13:55 -0000 Daniel Kahn Gillmor writes: > If you've got a notmuch dump that includes stashed session keys for > every decrypted message, and you've got your message archive, you > should be able to get back to the same index that you had before. > Out of curiousity, have you given any thought to what happens when someone sends a message with the same message-id but a different session-key? it seems like the user can potentially lose access to the encrypted message.