1 Return-Path: <jrollins@finestructure.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id 37E7940DBF8
\r
6 for <notmuch@notmuchmail.org>; Tue, 16 Nov 2010 12:11:20 -0800 (PST)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5
\r
12 tests=[BAYES_00=-1.9, T_MIME_NO_TEXT=0.01] autolearn=unavailable
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id Fm+xi-dRWs5p for <notmuch@notmuchmail.org>;
\r
16 Tue, 16 Nov 2010 12:11:09 -0800 (PST)
\r
17 Received: from tarap.cc.columbia.edu (tarap.cc.columbia.edu [128.59.29.7])
\r
18 by olra.theworths.org (Postfix) with ESMTP id BA9E440DADE
\r
19 for <notmuch@notmuchmail.org>; Tue, 16 Nov 2010 12:11:09 -0800 (PST)
\r
20 Received: from servo.finestructure.net
\r
21 (pool-108-27-62-5.nycmny.fios.verizon.net [108.27.62.5])
\r
22 (user=jgr2110 author=jrollins@finestructure.net mech=PLAIN bits=0)
\r
23 by tarap.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id oAGKB2AC026945
\r
24 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT);
\r
25 Tue, 16 Nov 2010 15:11:03 -0500 (EST)
\r
26 Received: from jrollins by servo.finestructure.net with local (Exim 4.72)
\r
27 (envelope-from <jrollins@finestructure.net>)
\r
28 id 1PIRrq-0002BM-5d; Tue, 16 Nov 2010 15:11:02 -0500
\r
29 From: Jameson Rollins <jrollins@finestructure.net>
\r
30 To: Carl Worth <cworth@cworth.org>,
\r
31 Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
\r
32 notmuch <notmuch@notmuchmail.org>
\r
33 Subject: Re: a proposed change to JSON output to report verification of
\r
34 PGP/MIME signatures.
\r
35 In-Reply-To: <87hbfhdpa6.fsf@yoom.home.cworth.org>
\r
36 References: <4CDE4486.2050101@fifthhorseman.net>
\r
37 <87hbfhdpa6.fsf@yoom.home.cworth.org>
\r
38 User-Agent: Notmuch/0.5 (http://notmuchmail.org) Emacs/23.2.1
\r
40 Date: Tue, 16 Nov 2010 15:10:59 -0500
\r
41 Message-ID: <87wrod9gh8.fsf@servo.finestructure.net>
\r
43 Content-Type: multipart/signed; boundary="=-=-=";
\r
44 micalg=pgp-sha256; protocol="application/pgp-signature"
\r
45 X-No-Spam-Score: Local
\r
46 X-Scanned-By: MIMEDefang 2.68 on 128.59.29.7
\r
47 X-BeenThere: notmuch@notmuchmail.org
\r
48 X-Mailman-Version: 2.1.13
\r
50 List-Id: "Use and development of the notmuch mail system."
\r
51 <notmuch.notmuchmail.org>
\r
52 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
53 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
54 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
55 List-Post: <mailto:notmuch@notmuchmail.org>
\r
56 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
57 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
58 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
59 X-List-Received-Date: Tue, 16 Nov 2010 20:11:20 -0000
\r
62 Content-Transfer-Encoding: quoted-printable
\r
64 On Tue, 16 Nov 2010 11:47:13 -0800, Carl Worth <cworth@cworth.org> wrote:
\r
65 > The only other piece I think I'd like to see is actually making the
\r
66 > content of the signature pieces available in the json output. Then, a
\r
67 > client could do its own verification.
\r
69 > Then if we had that would we not want to add the --verify support into
\r
70 > notmuch? (My guess is that we still would want it.)
\r
72 Hey, Carl. I think your suggestion to include the signatures in the
\r
73 output is a reasonable. However, (I could be misunderstanding your
\r
74 suggestion but) I really think the Right thing is for notmuch to do the
\r
75 verification itself. I would almost say that --verify should be the
\r
76 default, with a --no-verify option. It will make things much easier for
\r
77 all the UIs if notmuch handles the verification and just outputs the
\r
83 Content-Type: application/pgp-signature
\r
85 -----BEGIN PGP SIGNATURE-----
\r
86 Version: GnuPG v1.4.10 (GNU/Linux)
\r
88 iQIcBAEBCAAGBQJM4uVTAAoJEO00zqvie6q8lhwQAJb7hMz+trFFiAoyoCdNfna4
\r
89 /QN36aEcr7O+fKAhwLtqVGvJI3ljA0lD3h7BarC4FGaZx0ZR8f1LDE8uDTRT/DOt
\r
90 5t2zfPWEXlPgkKZngyl+7h/uZ2GHUuP1B93BWi+yiK4rlKvrkjYyBiySAYEVR3n9
\r
91 sfT/7oBjFH8OATFzHPaQzNM53R5YWvCxzGFZjZFa3gA8eHUN76MXQIlDZ9qgIfhj
\r
92 dIQ9RkfBm5l+szVKELrwFKD1bgd6OacFXVRmn2dpANE05fuztctm5rUizS3zw/mk
\r
93 zxhctrfJ1Zv5B5BKBhgqrMsYm9PsgJsfkXQH/+SkQZyjY0xfLkiP2ikMlebyTrEA
\r
94 F3boq7PkDbA2PAuD5RhwfZgBwFEgYaz98FeBAWTFVxvd9wpWdAat/Yd4JTAHGbT8
\r
95 ot3akMSERtiKFK852QfLSt1fU53CIHXgVNdecYxDnZBl+X4pTIkzwkdVUZR9/xVj
\r
96 LdJgM6M0otpGMSjfSIgAd5/zCwNvEu0+0rzY54sTD7daViTMU/7WnpTluRXixdDA
\r
97 zVk8pfaRu9mLdloHI1Y0EhxOS4TbZ7CVVgnG3crUcuf4JFVlPOa19IRZdbNEXlE9
\r
98 rWAzzF1kv/pXKtc90+tNcBcv5xZAGLL5vwPWHlvrKwiXpYtv5QhF6/cvmo2FmBPu
\r
99 oFOfHEkm6l/5K7VllJrB
\r
101 -----END PGP SIGNATURE-----
\r