Re: [PATCH] Fix typo in Message.maildir_flags_to_tags

[notmuch-archives.git] / b5 / ba32a442fe8865f930ebf12a3955adc08a2da7

Return-Path: <dkg@fifthhorseman.net>\r
X-Original-To: notmuch@notmuchmail.org\r
Delivered-To: notmuch@notmuchmail.org\r
Received: from localhost (localhost [127.0.0.1])\r
        by olra.theworths.org (Postfix) with ESMTP id CD8F9431FB6\r
        for <notmuch@notmuchmail.org>; Fri,  4 Feb 2011 09:30:34 -0800 (PST)\r
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
X-Spam-Flag: NO\r
X-Spam-Score: 0\r
X-Spam-Level: \r
X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none]\r
        autolearn=disabled\r
Received: from olra.theworths.org ([127.0.0.1])\r
        by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
        with ESMTP id XSvKy0+0VGRV for <notmuch@notmuchmail.org>;\r
        Fri,  4 Feb 2011 09:30:34 -0800 (PST)\r
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108])\r
        by olra.theworths.org (Postfix) with ESMTP id 49FEF431FB5\r
        for <notmuch@notmuchmail.org>; Fri,  4 Feb 2011 09:30:34 -0800 (PST)\r
Received: from [192.168.23.207] (dsl254-070-154.nyc1.dsl.speakeasy.net\r
        [216.254.70.154])\r
        by che.mayfirst.org (Postfix) with ESMTPSA id C8A71F98B;\r
        Fri,  4 Feb 2011 12:30:32 -0500 (EST)\r
Message-ID: <4D4C37B0.1090202@fifthhorseman.net>\r
Date: Fri, 04 Feb 2011 12:30:24 -0500\r
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>\r
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;\r
        rv:1.9.2.13) Gecko/20101213 Icedove/3.1.7\r
MIME-Version: 1.0\r
To: micah anderson <micah@riseup.net>\r
Subject: Re: new "crypto" branch providing full PGP/MIME support\r
References: <4CF15D67.1070904@fifthhorseman.net>\r
        <87aak08fu8.fsf@servo.finestructure.net>\r
        <87fwsf9mip.fsf@servo.finestructure.net>\r
        <87tygl29vu.fsf@servo.finestructure.net>\r
        <87hbclkrvh.fsf@algae.riseup.net>\r
        <4D4B0761.7040603@fifthhorseman.net>\r
        <87r5bn68hs.fsf@algae.riseup.net>\r
In-Reply-To: <87r5bn68hs.fsf@algae.riseup.net>\r
X-Enigmail-Version: 1.1.2\r
Content-Type: multipart/signed; micalg=pgp-sha512;\r
        protocol="application/pgp-signature";\r
        boundary="------------enigC2820EB67D53802FCCAABF1E"\r
Cc: notmuch <notmuch@notmuchmail.org>\r
X-BeenThere: notmuch@notmuchmail.org\r
X-Mailman-Version: 2.1.13\r
Precedence: list\r
List-Id: "Use and development of the notmuch mail system."\r
        <notmuch.notmuchmail.org>\r
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
        <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
List-Post: <mailto:notmuch@notmuchmail.org>\r
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
        <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
X-List-Received-Date: Fri, 04 Feb 2011 17:30:34 -0000\r
\r
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)\r
--------------enigC2820EB67D53802FCCAABF1E\r
Content-Type: text/plain; charset=UTF-8\r
Content-Transfer-Encoding: quoted-printable\r
\r
On 02/04/2011 11:59 AM, micah anderson wrote:\r
> On Thu, 03 Feb 2011 14:52:01 -0500, Daniel Kahn Gillmor <dkg@fifthhorse=\r
man.net> wrote:\r
>> when you say "encrypted by" do you mean "encrypted to"?  do you have\r
>> access to the corresponding secret key?\r
>=20\r
> If I open a message that was sent to me and was encrypted by the sender=\r
\r
> using a key that they have since revoked, or has expired, I saw this.\r
\r
so you hold key A, the sender holds key B, they encrypt the message with\r
B, and then revoke key B, and then you try to read the message (without\r
holding key B)?\r
\r
or are you saying you hold key A, sender holds key B, they encrypt to A,\r
*sign* the message with B, and then revoke B?  If it's this case, does\r
the same thing happen even if the message is not encrypted?\r
\r
Sorry for the nit-picking pedantry here -- I'm trying to get a clear\r
workflow for a test case.\r
\r
> Most humans I know reference their key by the keyid, where keyid means\r
> the 8 character representation of their key. When they need to ensure\r
> that their key is not being spoofed they either rely on the tools to do=\r
\r
> cryptographic verification, or inspect the fingerprint. I dont think\r
> moving towards using a longer format of the keyid helps here. The key i=\r
s\r
> unknown, and to get it known requires going through a key signing\r
> process, or fingerprint verification, which isn't aided by having a\r
> longer form keyid.=20\r
>=20\r
> If I am presented with a short form keyid, and I go and try and receive=\r
\r
> that key from the keyservers and then I am presented with two different=\r
\r
> options, then I'm going to inspect the two and determine then which one=\r
\r
> is the right one. I dont need to front-load that knowledge in the\r
> interface.\r
\r
and if you're presented with only one key, you will just accept that\r
one?  that puts you at the mercy of the network (or the keyserver\r
operator at least, and we can't all have the luxury of being or knowing\r
the keyserver operator directly).\r
\r
If you're arguing "i would like to be able to recognize the key by\r
32-bit key ID" i don't think it's actually possible to do so because of\r
the spoofability; a tool that provides cryptographic assurances should\r
discourage attempts to make the user vulnerable to spoofing.\r
\r
If you're saying we should remove the 64-bit keyID entirely and just say\r
"signature from unknown, non-validated key", i think that's a defensible\r
position, though it's not one i would take.\r
\r
>> is this really a use case worth bothering with?\r
>=20\r
> No.\r
\r
:)\r
\r
>> do you have a suggestion for how you think it should behave\r
>> differently?\r
>=20\r
> I think my suggestion was already made: short form.\r
\r
and as i said above, i think this is a mistake if we're trying to\r
provide tools that give cryptographic assurances.\r
\r
thanks for the testing and the corner cases!\r
\r
        --dkg\r
\r
\r
--------------enigC2820EB67D53802FCCAABF1E\r
Content-Type: application/pgp-signature; name="signature.asc"\r
Content-Description: OpenPGP digital signature\r
Content-Disposition: attachment; filename="signature.asc"\r
\r
-----BEGIN PGP SIGNATURE-----\r
Version: GnuPG v1.4.11 (GNU/Linux)\r
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/\r
\r
iQJ8BAEBCgBmBQJNTDewXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w\r
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQwRUU1QkU5NzkyODJEODBCOUY3NTQwRjFD\r
Q0QyRUQ5NEQyMTczOUU5AAoJEMzS7ZTSFznpImAP/3/b21EHQZrKjVA5dYuPhAfN\r
WUbz2U6bvZ5RCE7FJpf5yuFHIefuCdEYH9DW9tsqlzeBJ9NvvuPibwZa381LsTQb\r
kvLGrzqNuoy6kjBVb0nQvomPrJZEEtyUEO/SkZKyTkFB0ihdRtDRKXjFOXij70yc\r
4P3CwEm/09L8ovrTBy6/93WluziK7e2v/0s1vbxIk0OL0O/E2AKcN8UBdjl7mVTK\r
MFAxiWtOgplLjx1hyOSVlOecGzk4+IkeAy5iHj1k1Nsq0hp2u+iZJDs3ewirzlzM\r
9YWM5hEa0MDrwVCTyfIjF0Rl0nRIEqBJ43JNhDeCRlxMTB36LTG8x0EM56T403lN\r
IDLUXj1/4DGHlF0/f5+ezglvObdV6PmxtxGRYUtHcFQqoYVMOXPQ84CFWXq5RZth\r
xJDEDt5AFnnstrBnXNZyh9m3kaQE6YvV38dj+zZDU76zIA62MTjaUSHLVY7LLWsG\r
cjehEmgkDklkrT+VGdzO6qASAByNt06afvEJ1ZdQfdWBwfntbCfAE6SRBt+QCXGu\r
+vnApCXWfFLLaOEZ9zAm391W2RvhSH6uqZkQh0QQZHjB9VBzkgI1e083SF+EKSK2\r
FhvjRrcuIRn7qVYUcOCB+G5ryolwGr5yIc/iK3zDhFpMgHEK78YSyTXF9bqpikOR\r
9UnkbGXHbMyMCtAtMsMB\r
=oXES\r
-----END PGP SIGNATURE-----\r
\r
--------------enigC2820EB67D53802FCCAABF1E--\r