From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id B3A3B6DE022D for ; Sun, 3 Jun 2018 11:15:00 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -1.765 X-Spam-Level: X-Spam-Status: No, score=-1.765 tagged_above=-999 required=5 tests=[AWL=-0.428, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_SOFTFAIL=0.972, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 60GaeXWa-fmh for ; Sun, 3 Jun 2018 11:14:59 -0700 (PDT) Received: from outgoing-mail.its.caltech.edu (outgoing-mail.its.caltech.edu [131.215.239.19]) by arlo.cworth.org (Postfix) with ESMTPS id B4DAA6DE022B for ; Sun, 3 Jun 2018 11:14:59 -0700 (PDT) Received: from smtp01.caltech.edu (localhost [127.0.0.1]) by smtp02.caltech.edu (Postfix) with ESMTP id 398616C076A; Sun, 3 Jun 2018 11:14:58 -0700 (PDT) X-Spam-Scanned: at Caltech-IMSS on smtp01.caltech.edu by amavisd-new Received: from finestructure.net (cpe-76-91-54-61.socal.res.rr.com [76.91.54.61]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: jrollins) by smtp-server.its.caltech.edu (Postfix) with ESMTPSA id 8D2616C063C; Sun, 3 Jun 2018 11:14:57 -0700 (PDT) Received: by finestructure.net (Postfix, from userid 1000) id 60F9961997; Sun, 3 Jun 2018 11:14:57 -0700 (PDT) From: Jameson Graef Rollins To: Daniel Kahn Gillmor , Notmuch Mail Subject: Re: Protected headers in notmuch In-Reply-To: <878t7xujtj.fsf@ligo.caltech.edu> References: <20180511055544.13676-1-dkg@fifthhorseman.net> <878t7xujtj.fsf@ligo.caltech.edu> User-Agent: Notmuch/0.26.2 (https://notmuchmail.org) Emacs/25.2.1 (x86_64-pc-linux-gnu) Date: Sun, 03 Jun 2018 11:14:54 -0700 Message-ID: <87zi0bu481.fsf@ligo.caltech.edu> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jun 2018 18:15:00 -0000 --=-=-= Content-Type: text/plain On Sat, Jun 02 2018, Jameson Graef Rollins wrote: > I've pushed a branch of this series rebased against notmuch/release (for > some reason master is currently a couple commits behind) and fixed to > reflect the exposure of notmuch_message_get_database: > > https://gitlab.com/jrollins/notmuch/commits/protected-headers-fix > > All tests pass. Note it requires gmime 3.0 (which tripped me up for a > bit since notmuch still implicitly supports older gmime versions). > > I haven't done a commit-by-commit review yet, but I am now using this > series and it works as advertised: messages with encrypted subjects are > searchable by the encrypted subject, and the encrypted subjects show up > correctly in all the clients I'm using (both CLI and emacs). > > I strongly support the inclusion of this feature, particularly since > it's an important component of autocrypt, which I want even more. I've now done a commit-by-commit review and I think this is a very clean patch series, with very good test suite coverage. To the extent that I have much to say on any of the code structure (not much) it all looks good to me. In particular I really like the introduction of the new "cryptographic envelope" concept, and the new whole-message crypto status object that goes with it. I think this is a very solid idea that will be very useful for clients going forward. The implementation details seem solid and well thought out to me, seeming to include all the useful info that a client would need. As for the protected headers, I like that they're just swapped in seamlessly. It also seems useful that the crypto envelope status includes information about which headers were signed, and which headers were masked by those that were encrypted. It seems that there's just enough information emitted about the overall crypto status and the protected headers for any clients to be able to construct a useful UX for users, but without any cruft that could potentially be confusing. jamie. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtl0IW5QRe4ExYLZZ7TTOq+J7qrwFAlsUMB4ACgkQ7TTOq+J7 qrygGBAAiM+vymyfKJb9blwrHEPW6Nbk68JaoBUP5qrTxjAFfDQ6RKvRVPtQjml+ BpJ/c/FSuUdJti7XpE7QRshCvsXJlXufbvTNhV9YGsT286yChNfY8JupxT+cbDaC RzyvDrhdRDh4KKRy/avQD7CWqdqmAK/9qi2cOXVbf/tHmMo01crRlBifvdDKpchP 5o2ieRfgKk0DUlgyb5tghdFHUGgkXJMU5KmSDOS8w7RtpdN9WCEQ95FUsQOqc4ck TJnhfWqIBC+XlchrhYWEciMm0mlnfQKc5uxzf8d/zjH1bIP4VZuS73BWQSFjd5ii GOmO+weZJUHJVk1bQckK9/CEmNwrSc5e67KEHn/R/Z44HRUPDsB8lTM4PW5aPb8v UlyLLf+NpqA2RX7akOdNfgm4Yf0nSLZWggs+xAHmFSKcSH6RsX9b1L3C2tYS9LC+ oY1gFUHhkOzUWk7jcqfCy9b/MSXB0JNZNfaqS9gNH1n62MCK6UNYwmPRmREN+PeU WHMmURzlwhLh6/Ae9jfwrOx2PUD4ZD+TYtDgAf25ALCAFYuU1azPYy3798RdfTZk uaubOhOU0Z8gf7fGXjb6WAjrmszrAI9nrDG+oyd6xqZvqrw2UZtuIJq27L6Fdb4y pvM9J/kvteVfgxWbFhF+ppDd1XEOVV9ywT8ijHzOIg0S09QZXpY= =2UyB -----END PGP SIGNATURE----- --=-=-=--