On Sun 2016-01-24 11:21:14 -0500, David Bremner wrote: > This is a simple rebase of > > id:1450100337-31655-1-git-send-email-david@tethera.net > > The first 3 patches of that series are now in master. FWIW, i'm now running with this patch series, and i can verify S/MIME signatures with it. When verifying a correct signature, though, the only thing i seem to get in notmuch-emacs (or in the notmuch show --verify output) is the view of some kind of fingerprint of the key, with no human-readable name or e-mail address associated with it. for example: "sigstatus" : [ { "created" : 1453962340, "status" : "good", "fingerprint" : "3E65C58C306C1C42CA5056903B4E6C3C7DF15AD8", "expires" : 1485215999 } ], whereas the OpenPGP PGP/MIME cleartext signature show: "sigstatus" : [ { "status" : "good", "userid" : " Daniel Kahn Gillmor <dkg@fifthhorseman.net>", "fingerprint" : "EDB2E74F56FCF2B67297B73524ECFF5AFF68370A", "created" : 1453925746 } This lack of userid be a function of my own S/MIME setup (i'm not sure whether i've got the keys and certs set up exactly right), or of a failure in gmime's pkcs7 signature handling code. But this is an improvement over the unpatched notmuch anyway. Note that none of this deals with S/MIME-enveloped (encrypted) e-mails yet either. My e-mail certificates and things are now set up within emacs (i'm using EPG instead of openssl) -- i should be able to sign this mail, and anyone else running this series should be able to verify it. I've rebased my own crypto series (indexing cleartext) on top of this series, and it also works fine (though there were a few commits that were tricky to rebase). I'd like it if this S/MIME patch series would get upstreamed! --dkg