Off the top of my head, you could have an encrypted index too, which you
can only search while able to decrypt. Certainly another level of
complexity.


On Sat, Apr 5, 2014 at 11:10 AM, David Bremner <david@tethera.net> wrote:

> john.wyzer@gmx.de writes:
>
> > Would it be possible to add the configurable option to also decrypt
> > encrypted messages on the fly while indexing to make them searchable,
> > too?
> >
> > That would be really great for people that consider gnupg  mainly an
> > encryption for transport or have their complete hard drive encrypted...
>
> As far I understand an attacker could reconstruct the message from the
> index, so one question is whether the extra complexity in notmuch is
> worth the minimal extra security over decrypting on delivery and storing
> plaintext on the (presumably encrypted) disk. Of course decrypting on
> delivery may be inconvenient (or impossible). I have CCed the two people
> who have implemented most of the crypto related stuff in notmuch so they
> can comment.
>
> d
> _______________________________________________
> notmuch mailing list
> notmuch@notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch
>