[notmuch] OpenPGP support

2009-11-29 Thread Jameson Graef Rollins 
On Thu, Nov 26, 2009 at 10:41:36AM -0800, Carl Worth wrote:
> On Mon, 23 Nov 2009 08:00:09 -0500, Jameson Graef Rollins  finestructure.net> wrote:
> > Hi, folks.  I know it's a hairy problem, but has anyone started
> > looking into OpenPGP support for notmuch?
> 
> I definitely want this.

Thanks so much for this response, Carl.  I'm glad to hear there's
other interest in the this.

> I've got message-mode setup to sign my messages automatically when I
> start a new compose from within notmuch with 'm'. I did this with the
> following in my .emacs:
> 
> ; sign messages by default
> (add-hook 'message-setup-hook
> (lambda ()
>   (mml-secure-message-sign)))
>
> I'm not sure how to make sure that I also get that when doing a reply
> within notmuch. Keith, I think you worked this out, right? What did you
> do?

Ah, this is a great suggestion.  Thank you.  I saw Keith's reply as
well, which also works great with replies.

> Meanwhile, the other pieces still needed are automatic signature
> verification for multipart/signed messages, and then support for
> decrypting GPG-encrypted messages.

So I think this is maybe the most important thing missing from notmuch
right now.  I would really really like to see this working.
Unfortunately my emacs/lisp skills are poor to say the least.  I'll
try to look into how gnus or other emacs mail interfaces handle this
stuff, but if anyone else has any pointers for the list that would be
great.

jamie.
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL:

[notmuch] OpenPGP support

2009-11-27 Thread Carl Worth 
On Thu, 26 Nov 2009 15:01:38 -0800, Keith Packard  wrote:
> On Thu, 26 Nov 2009 10:41:36 -0800, Carl Worth  wrote:
> 
> > I'm not sure how to make sure that I also get that when doing a reply
> > within notmuch. Keith, I think you worked this out, right? What did you
> > do?
> 
> ; sign messages by default
> (defun my-notmuch-message-mode-hook()
>   (if (buffer-modified-p)
>   (mml-secure-message-sign)))
> 
> (add-hook 'message-mode-hook 'my-notmuch-message-mode-hook)
> (add-hook 'message-setup-hook 'my-notmuch-message-mode-hook)

Thanks. And look! A signed reply now.

-Carl
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL:

Re: [notmuch] OpenPGP support

2009-11-27 Thread Carl Worth 
On Thu, 26 Nov 2009 15:01:38 -0800, Keith Packard kei...@keithp.com wrote:
 On Thu, 26 Nov 2009 10:41:36 -0800, Carl Worth cwo...@cworth.org wrote:
 
  I'm not sure how to make sure that I also get that when doing a reply
  within notmuch. Keith, I think you worked this out, right? What did you
  do?
 
 ; sign messages by default
 (defun my-notmuch-message-mode-hook()
   (if (buffer-modified-p)
   (mml-secure-message-sign)))
 
 (add-hook 'message-mode-hook 'my-notmuch-message-mode-hook)
 (add-hook 'message-setup-hook 'my-notmuch-message-mode-hook)

Thanks. And look! A signed reply now.

-Carl


pgpGCReW1RXkc.pgp
Description: PGP signature
___
notmuch mailing list
notmuch@notmuchmail.org
http://notmuchmail.org/mailman/listinfo/notmuch

[notmuch] OpenPGP support

2009-11-26 Thread Keith Packard 
On Thu, 26 Nov 2009 10:41:36 -0800, Carl Worth  wrote:

> I'm not sure how to make sure that I also get that when doing a reply
> within notmuch. Keith, I think you worked this out, right? What did you
> do?

; sign messages by default
(defun my-notmuch-message-mode-hook()
  (if (buffer-modified-p)
  (mml-secure-message-sign)))

(add-hook 'message-mode-hook 'my-notmuch-message-mode-hook)
(add-hook 'message-setup-hook 'my-notmuch-message-mode-hook)

The message-setup-hook is called for new messages, the message-mode-hook
is called for both; the hack is to check for the reply case by looking
to see if the buffer has been modified as the message mode hook gets
called on an empty buffer in the new message case.

-- 
keith.packard at intel.com
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL:

[notmuch] OpenPGP support

2009-11-26 Thread Jameson Graef Rollins 
On Thu, Nov 26, 2009 at 12:38:01PM +0530, Aneesh Kumar K. V wrote:
> message-mode can sign the message using C-c RET C-s
> which is mml-secure-message-sign

Thanks so much, Aneesh!  That's great.  I was not aware of those
abilities in mml mode.  I just noticed that epa-mail-{sign,encrypt}
can do this as well, but much less cleanly.  So the mml commands are
exactly what I was looking for.  Well, at least exactly *half* of what
I was looking for...

So the issue now is verifying/decrypting signed/encrypted received
mail.  Playing around with it a bit more, I've found a couple of
interesting things.  If I'm viewing an encrypted message with
notmuch-show, and if I type 'v' (notmuch-show-view-all-mime-parts), I
get the full message view, and then a prompt to:

Decrypt (PGP) part? (y or n)

Typing 'y', I see that there is some communication with my gpg agent
(I get a gpg agent password prompt), but then once the password is
entered, nothing happens, ie. I don't see the decrypted part.  I'm
trying to figure out where the problem is here.  Presumably something
is failing to capture the output of the gpg decryption.  I'm not clear
either about what mode is trying to do this decryption.  Is this epa?

Unfortunately nothing at all happens when I hit 'v' when viewing a
message that has OpenPGP signature attachment.

I also just discovered that there are some
epa-mail-{sign,verify,{de,en}crypt} commands that work similar to (but
not as cleanly as) the mml commands.  Unfortunately none of this is
very coherent.  And some sort of integration with notmuch-show would
be sweet.

jamie.
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL:

[notmuch] OpenPGP support

2009-11-26 Thread Aneesh Kumar K. V 
On Thu, 26 Nov 2009 01:01:32 -0500, Jameson Graef Rollins  wrote:
> On Mon, Nov 23, 2009 at 08:00:09AM -0500, Jameson Graef Rollins wrote:
> > Hi, folks.  I know it's a hairy problem, but has anyone started
> > looking into OpenPGP support for notmuch?
> 
> Hey, folks.  I wanted to try to follow up on this question.
> 
> I would really like to start using notmuch with emacs beyond just
> testing, but I really need to be able to handle/read/send mail with
> PGP/MIME encoded attachments.  Do folks have any suggestions on how to
> handle this?  Is there a separate emacs mode that people use for
> signing/verifying/{de,en}crypting mail buffers, or is this something
> that is going to have to be integrated into the notmuch mode?  I guess
> the notmuch-show mode at least will need to do some verifying and
> decrypting.
> 
> I've noticed that some people on this list sign their mails.  Are
> those of you that do using notmuch?  If so, I would love to learn how
> you handle it.  Thanks so much for the info.
> 

message-mode can sign the message using C-c RET C-s
which is mml-secure-message-sign


-aneesh
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL:

[notmuch] OpenPGP support

2009-11-26 Thread Carl Worth 
On Thu, 26 Nov 2009 13:31:05 -0500, Jameson Graef Rollins  wrote:
> So the issue now is verifying/decrypting signed/encrypted received
> mail.  Playing around with it a bit more, I've found a couple of
> interesting things.  If I'm viewing an encrypted message with
> notmuch-show, and if I type 'v' (notmuch-show-view-all-mime-parts), I
> get the full message view, and then a prompt to:
> 
> Decrypt (PGP) part? (y or n)
> 
> Typing 'y', I see that there is some communication with my gpg agent
> (I get a gpg agent password prompt), but then once the password is
> entered, nothing happens, ie. I don't see the decrypted part.

Our integration with the MIME pieces of emacs definitely leaves
something to be desired. What currently happens when you press 'v' is
that notmuch creates a new buffer with the raw message content, then
runs mm-dissect-buffer and mm-display-parts on the content.

This works quite well for non-text parts, (either a mailcap-configured
viewer will be launched, or else you will be prompted to save the
file). But for text parts, the mm code appears to just write into the
temporary buffer that notmuch ends up killing before you can see
anything. So we just need to work out something proper here.

One thing I experimented with, that seems to work quite well, is to
construct a minimal buffer that the mm code will interpret as a
MIME-encoded message with just a single part.

So that's just a MIME-Version header, the original Content-type header,
a blank line, and then the original MIME content with its boundary
markers. So if we write a notmuch command to return that, then we'll be
able to easily support viewing of a single MIME part, (and I think it
will be easy to detect whether any text content ended up getting added
to the intermediate buffer that the user wants to see).

Any help experimenting more with this stuff would be very appreciated.

-Carl

[notmuch] OpenPGP support

2009-11-26 Thread Carl Worth 
On Mon, 23 Nov 2009 08:00:09 -0500, Jameson Graef Rollins  wrote:
> Hi, folks.  I know it's a hairy problem, but has anyone started
> looking into OpenPGP support for notmuch?

I definitely want this.

I've got message-mode setup to sign my messages automatically when I
start a new compose from within notmuch with 'm'. I did this with the
following in my .emacs:

; sign messages by default
(add-hook 'message-setup-hook
  (lambda ()
(mml-secure-message-sign)))

I'm not sure how to make sure that I also get that when doing a reply
within notmuch. Keith, I think you worked this out, right? What did you
do?

I'm also interested in automating things like this as much as
possible. I'd much rather people flip one Boolean notmuch-sign-messages
variable then have to code up multiple lambda's within .emacs.

Meanwhile, the other pieces still needed are automatic signature
verification for multipart/signed messages, and then support for
decrypting GPG-encrypted messages.

I'm certain that the various mail-handling modes within emacs already
have support for these things, so it's really just a matter of finding
and hooking into that support.

Of course, if we code some of this up at the library or command-line
level, then the non-emacs interfaces could automatically benefit from it
as well.

And that same argument applies for viewing of MIME-encoded message
parts---I definitely want support at the command-line interface of
notmuch to at least extract a specific MIME part from a message.

In one sense, it's unfortunate that I figured out a way to let me view
these parts within emacs without that support in the notmuch
command-line. That definitely took the pressure off me to finish up
coding this piece, (which actually wouldn't be hard at all).

-Carl

[notmuch] OpenPGP support

2009-11-26 Thread Jameson Graef Rollins 
On Mon, Nov 23, 2009 at 08:00:09AM -0500, Jameson Graef Rollins wrote:
> Hi, folks.  I know it's a hairy problem, but has anyone started
> looking into OpenPGP support for notmuch?

Hey, folks.  I wanted to try to follow up on this question.

I would really like to start using notmuch with emacs beyond just
testing, but I really need to be able to handle/read/send mail with
PGP/MIME encoded attachments.  Do folks have any suggestions on how to
handle this?  Is there a separate emacs mode that people use for
signing/verifying/{de,en}crypting mail buffers, or is this something
that is going to have to be integrated into the notmuch mode?  I guess
the notmuch-show mode at least will need to do some verifying and
decrypting.

I've noticed that some people on this list sign their mails.  Are
those of you that do using notmuch?  If so, I would love to learn how
you handle it.  Thanks so much for the info.

jamie.i
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL:

[notmuch] OpenPGP support

2009-11-23 Thread Jameson Graef Rollins 
Hi, folks.  I know it's a hairy problem, but has anyone started
looking into OpenPGP support for notmuch?

jamie.
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: