On 02/02/2011 08:18 PM, Jameson Rollins wrote:
> Hi, all.  I have pushed a new branch called "crypto" to my notmuch
> repository [0].  This branch provides full support for PGP/MIME signed
> and encrypted messages, including emacs UI support.

I have tested this, and am now using it.  I'm very happy with it.  I
support its inclusion in the mainline.

Thanks for doing this, Jamie.  This is excellent!

----less important stuff follows----

I want to raise one (non-blocking) question about the decryption to see
if anyone has any suggestions:

If you do "notmuch show --format=json" on a PGP/MIME-encrypted plaintext
message, it emits the base message, which is structured like this:

 1 └┬╴multipart/encrypted
 2  ├╴application/pgp-encrypted attachment
 3  └╴application/octet-stream inline [msg.asc]

with these patches, if you do "notmuch show --format=json --decrypt", it
emits this instead:

 1 └┬╴multipart/encrypted
 2  └╴text/plain inline

and it attaches an encstatus (and possibly sigstatus, if the message was
signed) to part 1.  I'll call this "method A".

There are other methods that could be used as well, and it's worth
making sure we've chosen one that we think is what we'll want in the
future.  here are two other proposals:

Method B:

 1 └┬╴multipart/encrypted
 2  ├╴application/pgp-encrypted attachment
 3  └╴text/plain inline

That is, just replace part 3 (the actual encrypted body) with the
decrypted material.  This has the advantage that for single-part
encrypted messages, the structure and part numbers of the message remain
the same as without --decrypt.

Method C:

 1 └╴text/plain inline

That is, replace the entire multipart/encrypted with the decrypted
material.  This avoids having an explicitly-labeled
"multipart/encrypted" wrapper around cleartext (which might be
considered odd).  It would mean attaching the encstatus and sigstatus
directly to the decrypted part, though.

I don't actually see any of these methods as being significantly better
than the others -- i think they all have some inherent ugliness.  So i'm
fine with going with method A as Jamie chose it and has it working.  But
i wanted to see if anyone had strong arguments in favor of the other
methods (or if there are other --decrypt methods we could use, for that
matter)

	--dkg
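
The three layouts compared in the message above, as an added example that is not part of the original message or of notmuch's code. It goes beyond the single-part case by also numbering a multipart payload; the tuple tree model, the function names and the multipart/mixed sample are constructed here, and depth-first numbering of nested parts is an assumption extrapolated from the diagrams.

```python
# Constructed model: a MIME part is (content_type, [child parts]).
def leaf(ctype):
    return (ctype, [])

# The undecrypted PGP/MIME message from the first diagram.
ENCRYPTED = ("multipart/encrypted", [
    leaf("application/pgp-encrypted"),
    leaf("application/octet-stream"),
])

# Constructed decrypted payloads: single-part and multipart.
TEXT = leaf("text/plain")
MIXED = ("multipart/mixed", [leaf("text/plain"), leaf("application/pdf")])

def method_a(msg, clear):
    """Keep the wrapper; the decrypted material is its only child."""
    return (msg[0], [clear])

def method_b(msg, clear):
    """Keep wrapper and control part; replace only the encrypted body."""
    return (msg[0], [msg[1][0], clear])

def method_c(msg, clear):
    """Replace the whole multipart/encrypted with the decrypted material."""
    return clear

def number_parts(part):
    """Number parts depth-first from 1 (assumed), as [(n, content_type)]."""
    out = []
    def walk(p):
        out.append((len(out) + 1, p[0]))
        for child in p[1]:
            walk(child)
    walk(part)
    return out

if __name__ == "__main__":
    methods = (("A", method_a), ("B", method_b), ("C", method_c))
    for label, clear in (("single-part", TEXT), ("multipart", MIXED)):
        print(f"decrypted payload: {label}")
        print("  no --decrypt:", number_parts(ENCRYPTED))
        for name, method in methods:
            print(f"  method {name}:   ", number_parts(method(ENCRYPTED, clear)))
```

With the multipart payload, every method yields a tree whose part numbers differ from the undecrypted message, so a client cannot reuse part ids across a --decrypt boundary under any of the three layouts.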