Dear developers, >> A better idea, IMHO, is making a Spotlight plugin that searches >> GPG-encrypted content. This would all happens safely on your client machine. > Actually a very nice idea! Writing a spotlight plugin is very straight > forward I guess (assuming one is using the OS X keychain to store the gpg > passphrase). Although the Spotlight index should be stored on an encrypted > volume.
just in case someone wants to work on that: * Issue: http://gpgtools.lighthouseapp.com/projects/65764/tickets/13 * Sources: https://github.com/GPGTools/GPGMail_Spotlight * Status: Spotlight Plugin template, no real implementation, should be manageable Best regards, Alex On 29.01.2011, at 20:44, Alexander Willner wrote: > Hi Michael, > >> saving an unencrypted version in many cases (like IMAP) puts an unencrypted >> copy of the sensitive content on the network > > I agree, that should be avoided somehow. > >> Even if you store it locally it will be readable if your system is >> compromised. > > But storing the unencrypted mail locally in my FileVault/TrueCrypt home > directory isn't a big issue - at least in my opinion. > >> A better idea, IMHO, is making a Spotlight plugin that searches >> GPG-encrypted content. This would all happens safely on your client machine. > > Actually a very nice idea! Writing a spotlight plugin is very straight > forward I guess (assuming one is using the OS X keychain to store the gpg > passphrase). Although the Spotlight index should be stored on an encrypted > volume. > > Best regards, Alex > > On 29.01.2011, at 20:28, Michael Koppelman wrote: > >> This represents a pretty major weakness on the security side of things, >> though. Presuming that you encrypt email that has sensitive content, saving >> an unencrypted version in many cases (like IMAP) puts an unencrypted copy of >> the sensitive content on the network. Even if you store it locally it will >> be readable if your system is compromised. >> >> A better idea, IMHO, is making a Spotlight plugin that searches >> GPG-encrypted content. This would all happens safely on your client machine. >> >> M. >> >> On Jan 29, 2011, at 12:33 PM, Alexander Willner wrote: >> >>> Dear Başar, >>> >>> could you add your ideas to this issue please? >>> >>> http://gpgtools.lighthouseapp.com/projects/65764/tickets/25 >>> >>> Best regards, Alex >>> >>> >>> On 29.01.2011, at 13:51, Başar Alabay wrote: >>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: RIPEMD160 >>>> >>>> Hello, >>>> >>>> wouldn't it be interesting to implement an option, that one can encrypt a >>>> mail – just to send it away? So it's filed unencrypted. And, when >>>> receiving an encrypted mail, the decrypted message is filed in Mail.app. >>>> >>>> This would make it possible to search in such mails. >>>> >>>> Greets, >>>> B. Alabay
smime.p7s
Description: S/MIME cryptographic signature
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ gpgtools-users mailing list gpgtools-users@lists.gpgtools.org FAQ: http://www.gpgtools.org/faq.html Changes: http://lists.gpgtools.org/mailman/listinfo/gpgtools-users Unsubscribe: http://lists.gpgtools.org/mailman/options/gpgtools-users/arch...@mail-archive.com?unsub=Unsubscribe&unsubconfirm=1 This email sent to: arch...@mail-archive.com
