unofficial mirror of notmuch@notmuchmail.org
 help / color / mirror / code / Atom feed
From: micah anderson <micah@riseup.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
	notmuch <notmuch@notmuchmail.org>
Subject: Re: new "crypto" branch providing full PGP/MIME support
Date: Fri, 04 Feb 2011 11:59:43 -0500	[thread overview]
Message-ID: <87r5bn68hs.fsf@algae.riseup.net> (raw)
In-Reply-To: <4D4B0761.7040603@fifthhorseman.net>

[-- Attachment #1: Type: text/plain, Size: 3392 bytes --]

On Thu, 03 Feb 2011 14:52:01 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:

> On 02/03/2011 11:25 AM, micah anderson wrote:
> > 1. I personally think notmuch-show-process-pgpmime should default to
> > true
> 
> note that with it set to false, you can still M-RET (instead of RET) on
> an item in the summary window to have it set for that particular view.

Yes, that is true. However, I still think the default should be
on. Especially considering all three people (myself included) who I've
seen try this have been puzzled by why it wasn't working and had to be
told that they needed to turn it on.

> > 3. i'm not sure expired/revoked keys are handled properly - tested on a
> > message that was encrypted by a key that was revoked and got "End of
> > file during parsing"
> 
> when you say "encrypted by" do you mean "encrypted to"?  do you have
> access to the corresponding secret key?

If I open a message that was sent to me and was encrypted by the sender
using a key that they have since revoked, or has expired, I saw this.

> > 5. unknown keys are represented in a long format,
> > eg. '0x5585F58CC827A062' when most tools represent them just with their
> > shortened keyid (in this case this one would be: 0xC827A062), is there a
> > particular reason for this?
> 
> Short keyIDs are easily spoofable; believing anything based on a matched
> short keyID is a mistake. 

Most humans I know reference their key by the keyid, where keyid means
the 8 character representation of their key. When they need to ensure
that their key is not being spoofed they either rely on the tools to do
cryptographic verification, or inspect the fingerprint. I dont think
moving towards using a longer format of the keyid helps here. The key is
unknown, and to get it known requires going through a key signing
process, or fingerprint verification, which isn't aided by having a
longer form keyid. 

If I am presented with a short form keyid, and I go and try and receive
that key from the keyservers and then I am presented with two different
options, then I'm going to inspect the two and determine then which one
is the right one. I dont need to front-load that knowledge in the
interface.

> > I recognize some people's keyids in the
> > short form, but do not in the longform.
> 
> You can derive the short form from the long form by ignoring
> everything but the last 8 hex characters.

Yes, I know that, but my brain parser looks at '0x5585F58CC827A062' and
has to squint to try and ignore the last 8 characters. In fact, its
often quicker for me to use my cursor to go up there and count backwards
8 characters and then hit a space so I can visually separate it. Visual
interface parse failure with long form.

> But if you actually recognize the short form, i'd expect you to have
> the relevant key in your keyring;

Not always true. In fact the parse error I was discussing above was
about a key I used to use, but have removed from my keyring, and my
secret keyring. In the long form, I did *not* recognize it. If it were
simply 1CF2D62A I would have instantly recognized it as my old key that
I've revoked.

> is this really a use case worth bothering with?

No.

> do you have a suggestion for how you think it should behave
> differently?

I think my suggestion was already made: short form.

m

[-- Attachment #2: Type: application/pgp-signature, Size: 835 bytes --]

  parent reply	other threads:[~2011-02-04 16:59 UTC|newest]

Thread overview: 49+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-11-27 19:35 PGP/MIME signature verification Daniel Kahn Gillmor
2010-11-27 21:24 ` Jameson Rollins
2010-12-13 22:02 ` David Bremner
2010-12-13 22:11   ` Daniel Kahn Gillmor
2010-12-13 22:10 ` David Bremner
2010-12-13 22:14   ` Daniel Kahn Gillmor
2010-12-20 18:22 ` Jameson Rollins
2010-12-21  9:51   ` Sebastian Spaeth
2010-12-21 15:36     ` Daniel Kahn Gillmor
2010-12-22 14:38       ` Sebastian Spaeth
2010-12-22 19:11         ` Daniel Kahn Gillmor
2011-01-27  1:13   ` Jameson Rollins
2011-02-03  1:18     ` new "crypto" branch providing full PGP/MIME support Jameson Rollins
2011-02-03 16:25       ` micah anderson
2011-02-03 19:52         ` Daniel Kahn Gillmor
2011-02-03 20:34           ` Jameson Rollins
2011-02-03 21:03             ` always encrypting messages to self [was: Re: new "crypto" branch providing full PGP/MIME support] Daniel Kahn Gillmor
2011-02-04 13:04               ` Sebastian Spaeth
2011-02-04 17:30                 ` Jameson Rollins
2011-02-04 16:59           ` micah anderson [this message]
2011-02-04 17:30             ` new "crypto" branch providing full PGP/MIME support Daniel Kahn Gillmor
2011-02-03 17:48       ` Daniel Kahn Gillmor
2011-02-03 20:42       ` Darren McGuicken
2011-02-03 21:02         ` Jameson Rollins
2011-02-04 12:09           ` Darren McGuicken
2011-02-04 17:32             ` Jameson Rollins
2011-02-05 14:50               ` Darren McGuicken
2011-02-04 21:07           ` Jameson Rollins
2011-04-25 22:35             ` Jameson Graef Rollins
2011-02-04 12:24       ` David Bremner
2011-02-04 17:24         ` Jameson Rollins
2011-02-04 17:12       ` David Bremner
2011-02-04 18:10         ` Jameson Rollins
2011-02-27  0:45       ` [Review] " David Bremner
2011-02-27 10:41         ` Darren McGuicken
2011-02-28 13:24           ` Sebastian Spaeth
2011-02-28 13:52             ` Ross Glover
2011-02-28 18:25               ` Jameson Rollins
2011-02-28 18:59                 ` Daniel Kahn Gillmor
2011-02-28 19:56                   ` Jameson Rollins
2011-02-28 20:08                     ` Daniel Kahn Gillmor
2011-03-01  2:49                       ` Jameson Rollins
2011-03-01  3:16                         ` Rob Browning
2011-03-01  3:31                           ` Jameson Rollins
2011-03-05  8:26                             ` signed/encrypted tagging in crypto branch [was: Re: [Review] Re: new "crypto" branch providing full PGP/MIME support] Jameson Rollins
2011-03-06 19:15                               ` signed/encrypted tagging in crypto branch Jameson Rollins
2011-04-14  7:48                                 ` Florian Friesdorf
2011-04-16 15:27                                 ` Pieter Praet
2011-03-01 19:32             ` [Review] Re: new "crypto" branch providing full PGP/MIME support Simon Fondrie-Teitler

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://notmuchmail.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87r5bn68hs.fsf@algae.riseup.net \
    --to=micah@riseup.net \
    --cc=dkg@fifthhorseman.net \
    --cc=notmuch@notmuchmail.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://yhetil.org/notmuch.git/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).