From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id E63706DE0C19 for ; Wed, 25 Oct 2017 07:46:40 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: -0.033 X-Spam-Level: X-Spam-Status: No, score=-0.033 tagged_above=-999 required=5 tests=[AWL=-0.033] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UbvDD7_rXPfB for ; Wed, 25 Oct 2017 07:46:39 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by arlo.cworth.org (Postfix) with ESMTP id C44E06DE098B for ; Wed, 25 Oct 2017 07:46:39 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 6AF73F99A for ; Wed, 25 Oct 2017 10:46:39 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 7F783202DB; Wed, 25 Oct 2017 10:46:35 -0400 (EDT) From: Daniel Kahn Gillmor To: Notmuch Mail Subject: Re: [PATCH 16/18] crypto: add --try-decrypt=nostash to avoid stashing session keys In-Reply-To: <20171025065203.24403-17-dkg@fifthhorseman.net> References: <20171025065203.24403-1-dkg@fifthhorseman.net> <20171025065203.24403-17-dkg@fifthhorseman.net> Date: Wed, 25 Oct 2017 10:46:32 -0400 Message-ID: <87zi8fxp2v.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Oct 2017 14:46:41 -0000 --=-=-= Content-Type: text/plain On Wed 2017-10-25 02:52:01 -0400, Daniel Kahn Gillmor wrote: > - DO NOT USE ``index.try_decrypt=true`` without considering the > - security of your index. > + DO NOT USE ``index.try_decrypt=true`` or ``index-only`` > + without considering the security of your index. jrollins helpfully caught that i'd let the previous, worse name of "nostash" ("index-only") sneak into this commit. I've fixed it in my local copy of this branch, which can be found as "session-keys" at https://gitlab.com/dkg/notmuch (current commit ID ac7a7bb931b68a17dff0b4b782a2bdeced4e779c) I'll wait to send revised patches to the list once i've incorporated any other reviews folks want to send my way. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOCdgUepHf6PklTkyFJitxsGSMjcFAlnwo8gACgkQFJitxsGS MjeYNQ/9E1L/8q4wxpouDf4kI3Ef+4yNq+dqszEZdAD8W0Zxf80UOrYAPV4Wbm0p iPSFcV+g/JhCi5LdOUXBQsdKmG83vRwiQ4h3rkTNy06YpQfjE8ldAAX3kc/VMtH2 tRO2m4rXogXEhVGEQspgWDlhzucmD2oC4ZucZSE9CcRIkaDYYObQ6Plk7IUoM8WT kBO3Qx0Qy1XJEBxyHR2Jgi7ViLHCj+kTB2ZejggcRfPmENdUvf0CrWOdy8IYVAZD Hkhlh7lRyeQ6JTjDFGOEqihCISoqWohy7mdlX88VLs5/fkD5YcNN2o07j3FMQKgf Uxj9Qa+0tmDZbDNqDBzRjycNoAvalVVSQjF9iTgcG8EdmYhtEijFZj/7Xr5669gs pMm0JJrGz0yrUWJ920yU/eea8IY18JjnzM4jnC2oMvCJGfyHxlah9j0jVR9Vwxrw aqDTNu92aA18qj4T00oJ9zhbsgni42CZNjzanoE4i5pXX/Wv4mpk1HuGcAdg3PdY 8yG9m4+dFNR8a6LnkKjRVnBE6WSWJJx1mTpHjr3cz1llj0OwGeeyPxmsj9H/Q+CB THfZIOa1BqRTQ2qMvU39STck64pzADJ3CCv79ut3w8y0TihzV3idQDAPLmSUKnoP POHIiF7N/tAmCFQ67j5a+KvAXR6pisTZO3uhW4DVoXdFil3GqAY= =s2TJ -----END PGP SIGNATURE----- --=-=-=--