Header protection / memoryhole [was: Re: Header encryption / memoryhole]

Subject: Header protection / memoryhole [was: Re: Header encryption / memoryhole]

Date: Sun, 08 Apr 2018 17:18:34 -0400

To: Varac, notmuch@notmuchmail.org


From: Daniel Kahn Gillmor

On Mon 2018-04-02 18:58:28 +0200, Varac wrote:

> I'd like to know the state of header encryption support for
> notmuch (aka memoryhole) [1].

"memoryhole" refers to "protected headers", not just encrypted headers.
That is, the headers can be protected both by cryptographic signature
*and* by encryption.  This is a subtlety, but probably worth getting
right as we work on documentation and implementations.

This is on my list of things to work on for notmuch, but i'd be happy if
someone else beat me to it.  clearly i've taken too long to get this

fwiw, memory-hole messages do display successfully in all versions of
notmuch i'm aware of, but they do so by rendering the "force-display"
part.  so notmuch currently uses the fallback arrangements as explicitly
intended by the original memoryhole draft.

as i see it, the steps are (in order):

 * handle encrypted subject correctly during message display time if the
   message is being decrypted.
 * handle encrypted subject specifically during message decryption at
   indexing time, storing it the correct subject field, instead of
   storing the "outside" subject.

 * suppress display of any "force-display" part during message display

 * handle any other cryptographically-protected headers during display
   and indexing.

 * generate protected headers when encrypting mail.

i welcome help with any of these steps :)

signature.asc (application/pgp-signature)
notmuch mailing list