From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id ACB676DE09ED for ; Sat, 6 Feb 2016 12:48:47 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: 0.652 X-Spam-Level: X-Spam-Status: No, score=0.652 tagged_above=-999 required=5 tests=[AWL=-0.000, SPF_NEUTRAL=0.652] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XkMfr6XP8k8a for ; Sat, 6 Feb 2016 12:48:44 -0800 (PST) Received: from guru.guru-group.fi (guru.guru-group.fi [46.183.73.34]) by arlo.cworth.org (Postfix) with ESMTP id AA3806DE0261 for ; Sat, 6 Feb 2016 12:48:44 -0800 (PST) Received: from guru.guru-group.fi (localhost [IPv6:::1]) by guru.guru-group.fi (Postfix) with ESMTP id E1340100063; Sat, 6 Feb 2016 22:48:55 +0200 (EET) From: Tomi Ollila To: Daniel Kahn Gillmor , Notmuch Mail Subject: Re: Allow indexing cleartext of encrypted messages (v3) In-Reply-To: <1454272801-23623-1-git-send-email-dkg@fifthhorseman.net> References: <1454272801-23623-1-git-send-email-dkg@fifthhorseman.net> User-Agent: Notmuch/0.21+32~g73439f8 (http://notmuchmail.org) Emacs/24.3.1 (x86_64-unknown-linux-gnu) X-Face: HhBM'cA~ MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 20:48:47 -0000 On Sun, Jan 31 2016, Daniel Kahn Gillmor wrote: > This is the third draft of the series initially announced in > id:1449718786-28000-1-git-send-email-dkg@fifthhorseman.net (second > draft was in > id:1453258369-7366-1-git-send-email-dkg@fifthhorseman.net). It > differs from v2 in that it incorporates the recent improvements in > detecting and processing S/MIME signatures. Looks pretty good. Nothing to bikeshed. Did not run tests yet. Tomi > > From the v2 description: > >> Notmuch currently doesn't index the cleartext of encrypted mail. This >> is the right choice by default, because the index is basically >> cleartext-equivalent, and we wouldn't want every indexed mailstore to >> leak the contents of its encrypted mails. >> >> However, if a notmuch user has their index in a protected location, >> they may prefer the convenience of being able to search the contents >> of (at least some of) their encrypted mail. >> >> This series of patches enables notmuch to index the cleartext of >> specific encrypted messages when they're being added via "notmuch new" >> or "notmuch insert", via a new --try-decrypt flag. >> >> If --try-decrypt is used, and decryption is successful for part of a >> message, the message gets an additional "index-decrypted" tag. If >> decryption of part of a message fails, the message gets an additional >> "index-decryption-failed" tag. > > v2 addresses the concerns raised from the helpful feedback on the > previous series, and adds a notmuch_indexopts_t object that can be > used to declare options for indexing messages, including a > "try_decrypt" boolean. > > Additionally, this series adds a new function to libnotmuch: > > notmuch_message_reindex (notmuch_message_t *message, > notmuch_indexopts_t *indexopts) > > Which allows user of the library to adjust the indexing options of a > given message. > > The CLI is additionally augmented with a new notmuch subcommand, > "notmuch reindex", which also has a --try-decrypt flag. > > So a user who has their message index stored securely and wants to > index the cleartext of all encrypted messages they've received can do > something like: > > notmuch reindex --try-decrypt tag:encrypted and not tag:index-decrypted > > Or can clear all indexed cleartext from their database with: > > notmuch reindex tag:encrypted and tag:index-decrypted > > > _______________________________________________ > notmuch mailing list > notmuch@notmuchmail.org > https://notmuchmail.org/mailman/listinfo/notmuch