Re: running the crypto branch [was: Re: Hiding HTML mime-parts and/or scrubbing (gmail's) HTML-based citation]
Hey Jamie, On Sat, 26 Feb 2011 16:27:35 -0800, Jameson Rollins jroll...@finestructure.net wrote: On Sun, 27 Feb 2011 01:00:08 +0100, Xavier Maillard xav...@maillard.im wrote: What is the easy way to switch to your codebase from notmuch mainline ? I mean, what exact commands do we need to type in order to use your branch code ? Knowing that would certainly help people in switching and testing your code. I hope that helps. Please let me know if you have any other questions. It is crystal clear ! I have noew switched to your crypto branch. Thank you. And of course we'd love to hear any and all feedback on the new cryptographic features! I will report as soon as I have discovered all the new stuff. /Xavier ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
Re: [Review] Re: new crypto branch providing full PGP/MIME support
On Sun, 27 Feb 2011 10:41:48 +, Darren McGuicken mailing-notm...@fernseed.info wrote: If feedback is needed here then likewise, I've been running the crypto branch since it was made available. The only strangeness I've seen was that which was reported in id:87sjw2h6xy@bookbinder.fernseed.info for expired keys. I also run the crypto branch since it has been published and it is working just fine. Sebastian pgpG32EW429Vz.pgp Description: PGP signature ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
Re: [Review] Re: new crypto branch providing full PGP/MIME support
On Mon, 28 Feb 2011 13:59:54 -0500, Daniel Kahn Gillmor d...@fifthhorseman.net wrote: But: what does the signed tag mean? i wouldn't want to necessarily conflate these four ideas: These are good points, Daniel. However, I had actually just been thinking of something much simpler, along the lines of just tagging signed any message with a multipart/signed part, and encrypted any message with a multipart/encrypted part. This simpler approach would certainly satisfy my needs, without having to get into sorting out all the complicated details in the points you brought up. Does that sound like it would work for folks, or would they like to see a more nuanced approach to handling tagging of signed/encrypted messages? jamie. pgpZh63tduyBT.pgp Description: PGP signature ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
Re: [Review] Re: new crypto branch providing full PGP/MIME support
Jameson Rollins jroll...@finestructure.net writes: If folks have suggestions for disambiguating tag names that don't themselves create further confusion on some other front, then I'm inclined to just go with the simplest and most straightforward tag name. Are persistent tags required here? The original question at least, seemed to just be asking for a visual indicator that a message has encrypted or signed bits. So I wondered if that might be accomplished without actual tags. Just curious. -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4 ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
running the crypto branch [was: Re: Hiding HTML mime-parts and/or scrubbing (gmail's) HTML-based citation]
Hey Jamie, On Sat, 26 Feb 2011 16:27:35 -0800, Jameson Rollins wrote: > On Sun, 27 Feb 2011 01:00:08 +0100, Xavier Maillard > wrote: > > What is the easy way to switch to your codebase from notmuch mainline ? > > I mean, what exact commands do we need to type in order to use your > > branch code ? Knowing that would certainly help people in switching and > > testing your code. > I hope that helps. Please let me know if you have any other > questions. It is crystal clear ! I have noew switched to your crypto branch. Thank you. > And of course we'd love to hear any and all feedback on the new > cryptographic features! I will report as soon as I have discovered all the new stuff. /Xavier
[Review] Re: new "crypto" branch providing full PGP/MIME support
On Sun, 27 Feb 2011 10:41:48 +, Darren McGuicken wrote: > If feedback is needed here then likewise, I've been running the crypto > branch since it was made available. The only strangeness I've seen was > that which was reported in id:"87sjw2h6xy.fsf at bookbinder.fernseed.info" > for expired keys. I also run the crypto branch since it has been published and it is working just fine. Sebastian -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/44071b68/attachment.pgp>
[Review] Re: new "crypto" branch providing full PGP/MIME support
I too am now running the crypto branch and find it quite amazing. The one feature I would like added, though, is some face color or auto-tagging in the search buffer for mail with encrypted mime parts. It seems like this could be achieved with notmuch effort (by someone notme) by adding similar functionality to that of attachments in index.cc. ross -- Sent from an Emacs buffer.
[Review] Re: new "crypto" branch providing full PGP/MIME support
On Mon, 28 Feb 2011 08:52:45 -0500, Ross Glover wrote: > I too am now running the crypto branch and find it quite amazing. The > one feature I would like added, though, is some face color or > auto-tagging in the search buffer for mail with encrypted mime parts. > It seems like this could be achieved with notmuch effort (by someone > notme) by adding similar functionality to that of attachments in > index.cc. Yes, this is a good idea, Ross, and one that I've actually been wanting to implement. I was thinking of auto-tagging messages with signed parts with something like "signed", and encrypted messages with "encrypted". Do people like those tags, or would they prefer to see something different? Or more specific, like "pgp-signed"? jamie. -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/f8089c58/attachment.pgp>
[Review] Re: new "crypto" branch providing full PGP/MIME support
On 02/28/2011 01:25 PM, Jameson Rollins wrote: > On Mon, 28 Feb 2011 08:52:45 -0500, Ross Glover > wrote: >> I too am now running the crypto branch and find it quite amazing. The >> one feature I would like added, though, is some face color or >> auto-tagging in the search buffer for mail with encrypted mime parts. >> It seems like this could be achieved with notmuch effort (by someone >> notme) by adding similar functionality to that of attachments in >> index.cc. > > Yes, this is a good idea, Ross, and one that I've actually been wanting > to implement. I was thinking of auto-tagging messages with signed parts > with something like "signed", and encrypted messages with "encrypted". > Do people like those tags, or would they prefer to see something > different? Or more specific, like "pgp-signed"? i don't care much about the difference between PGP/MIME and S/MIME message formats, so i prefer the term "signed" to "pgp-signed" and "encrypted" to "pgp-encrypted". But: what does the "signed" tag mean? i wouldn't want to necessarily conflate these four ideas: 0) "this message claims to be cryptographically-signed" 1) "we have verified a cryptographic signature over this message" 2) "we have verified a cryptographic signature over this message from a known key (that is, we believe we know who the key belongs to)" 3) "we have verified a cryptographic signature on this message from the sender claimed in the From: line" 3 implies 2, 2 implies 1, and 1 implies 0, of course. But which level would a "signed" tag signify? I'll also note that signed+encrypted messages would not get tagged with "signed" unless the recipient has successfully decrypted them. And then, it's possible that some sub-parts of a message are signed, and others are not. Would the tags indicate the maximum "level" found? or the minimum? something else? For that matter, what would an automatically-placed "encrypted" tag mean? i can think of a few different approaches: 0) some part of this message is wrapped in an encrypted MIME block 1) some part of this message is wrapped in an encrypted MIME block that claims to be decryptable by a key you control 2) some part of this message is wrapped in an encrypted MIME block and you can actually decrypt it (have decrypted it in the past?). 2 in particular couldn't be auto-assigned without having access to the user's secret key material in the first place, but maybe it could be assigned after a decryption succeeds? --dkg -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1030 bytes Desc: OpenPGP digital signature URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/1bc77be0/attachment.pgp>
[Review] Re: new "crypto" branch providing full PGP/MIME support
On Mon, 28 Feb 2011 13:59:54 -0500, Daniel Kahn Gillmor wrote: > But: what does the "signed" tag mean? i wouldn't want to necessarily > conflate these four ideas: These are good points, Daniel. However, I had actually just been thinking of something much simpler, along the lines of just tagging "signed" any message with a "multipart/signed" part, and "encrypted" any message with a "multipart/encrypted" part. This simpler approach would certainly satisfy my needs, without having to get into sorting out all the complicated details in the points you brought up. Does that sound like it would work for folks, or would they like to see a more nuanced approach to handling tagging of signed/encrypted messages? jamie. -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/6a2c2577/attachment.pgp>
[Review] Re: new "crypto" branch providing full PGP/MIME support
On 02/28/2011 02:56 PM, Jameson Rollins wrote: > On Mon, 28 Feb 2011 13:59:54 -0500, Daniel Kahn Gillmor fifthhorseman.net> wrote: >> But: what does the "signed" tag mean? i wouldn't want to necessarily >> conflate these four ideas: > > These are good points, Daniel. However, I had actually just been > thinking of something much simpler, along the lines of just tagging > "signed" any message with a "multipart/signed" part, and "encrypted" any > message with a "multipart/encrypted" part. this is a fair answer to my questions, not an evasion -- you're selecting level 0 in both tracks, which is not a bad thing (it's certainly simpler to get right!) The outstanding question in my mind is whether those tags could be mistaken by a na?ve user for meaning one of the other concepts. Is there a way to name the tags to minimize that kind of confusion? --dkg -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1030 bytes Desc: OpenPGP digital signature URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/16d53341/attachment.pgp>
[Review] Re: new "crypto" branch providing full PGP/MIME support
On Mon, 28 Feb 2011 15:08:39 -0500, Daniel Kahn Gillmor wrote: > The outstanding question in my mind is whether those tags could be > mistaken by a na?ve user for meaning one of the other concepts. Is > there a way to name the tags to minimize that kind of confusion? I think that would be difficult without using a long and cumbersome tag name ("signed-but-not-verified"??). But I think it might be a bit of a moot point, since I kind of think that any user that actually understands what a signature is, and what signature verification means, is sophisticated enough to understand that the mere presence of a signature does not mean it's been verified. I could be wrong, though. If folks have suggestions for disambiguating tag names that don't themselves create further confusion on some other front, then I'm inclined to just go with the simplest and most straightforward tag name. jamie. -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/2d63f36c/attachment.pgp>
[Review] Re: new "crypto" branch providing full PGP/MIME support
Jameson Rollins writes: > If folks have suggestions for disambiguating tag names that don't > themselves create further confusion on some other front, then I'm > inclined to just go with the simplest and most straightforward tag name. Are persistent tags required here? The original question at least, seemed to just be asking for a visual indicator that a message has encrypted or signed bits. So I wondered if that might be accomplished without actual tags. Just curious. -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
[Review] Re: new "crypto" branch providing full PGP/MIME support
On Mon, 28 Feb 2011 21:16:13 -0600, Rob Browning wrote: > Are persistent tags required here? The original question at least, > seemed to just be asking for a visual indicator that a message has > encrypted or signed bits. So I wondered if that might be accomplished > without actual tags. Hey, Rob. It probably could, but given that we already have infrastructure for modifying the face of lines in the search output based on tags, it therefore seems like the easiest way to achieve the indicator that Ross was interested in would also be via a tag. Any other method would probably require extra hacking of the search function, and hacking of the emacs interface to parse it and act on it. To me personally the issue was more about wanting to be able to easily find signed or encrypted messages. The easiest way to do that would be with a tag also, since that's kind of what they're for (again I can imagine some other sort of internal flag in the database, but that seems like it would be a lot more work). Given that it should be fairly easy to tag these messages during notmuch new, and that tags can be easily leveraged by existing functions, tags seem to me to be the way to go. jamie. -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 835 bytes Desc: not available URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20110228/b27589c3/attachment.pgp>