Re: Feature suggestion. Indexing encrypted mail?

Subject: Re: Feature suggestion. Indexing encrypted mail?

Date: Sat, 05 Apr 2014 21:03:04 +0200

To: Jeremy Nickurak, David Bremner

Cc: Notmuch Mailing List, Daniel Kahn Gillmor

From: john.wyzer@gmx.de


Jeremy Nickurak <not-much@trk.nickurak.ca> writes:

> Off the top of my head, you could have an encrypted index too, which you
> can only search while able to decrypt. Certainly another level of
> complexity.
>

But why add so much complexity? 

If a user decides that either transport security is enough or
additionally the hard disk is encrypted (why store an encrypted index on
an encrypted hard disk?), said user could just switch on an option in
the notmuch configuration that causes notmuch to ask for the password
before or while indexing new messages and to add decrypted messages to the
normal index as well.


The level of security would be up to the user by means of said
configuration option and those that want the convenience of searching
encrypted messages could have it.

Personally I would argue that if an attacker has the means to access the
content of my hard disk either via the network or physically, there is
no difference between having whole disk encryption and storing an
encrypted index...


Thread: