Return-Path: X-Original-To: notmuch@notmuchmail.org Delivered-To: notmuch@notmuchmail.org Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id D3713431FBC for ; Fri, 8 Jan 2010 02:24:48 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id glvqQn2-OEqf for ; Fri, 8 Jan 2010 02:24:48 -0800 (PST) Received: from clegg.madduck.net (clegg.madduck.net [193.242.105.96]) by olra.theworths.org (Postfix) with ESMTP id 001BC431FAE for ; Fri, 8 Jan 2010 02:24:47 -0800 (PST) Received: from lapse.rw.madduck.net (lapse.nz.madduck.net [IPv6:2001:4428:234::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "lapse.rw.madduck.net", Issuer "CAcert Class 3 Root" (verified OK)) by clegg.madduck.net (postfix) with ESMTPS id 19F151D409A; Fri, 8 Jan 2010 11:24:40 +0100 (CET) Received: by lapse.rw.madduck.net (Postfix, from userid 1000) id 97661809C; Fri, 8 Jan 2010 23:24:37 +1300 (NZDT) Date: Fri, 8 Jan 2010 23:24:37 +1300 From: martin f krafft To: Ruben Pollan Message-ID: <20100108102437.GA11257@lapse.rw.madduck.net> Mail-Followup-To: Ruben Pollan , notmuch@notmuchmail.org References: <20091123130009.GA31695@finestructure.net> <20091126060132.GA5875@finestructure.net> <20100108025610.GA28357@lapse.rw.madduck.net> <20100108092121.GE7139@blackspot> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-ripemd160; protocol="application/pgp-signature"; boundary="X1bOJ3K7DJ5YkBrT" Content-Disposition: inline In-Reply-To: <20100108092121.GE7139@blackspot> X-Motto: Keep the good times rollin' X-OS: Debian GNU/Linux squeeze/sid kernel 2.6.32-trunk-686 i686 X-Spamtrap: madduck.bogus@madduck.net X-Subliminal-Message: debian/rules! User-Agent: Mutt/1.5.20 (2009-06-14) X-Virus-Scanned: clamav-milter 0.95.3 at clegg X-Virus-Status: Clean Cc: notmuch@notmuchmail.org Subject: Re: [notmuch] indexing encrypted messages (was: OpenPGP support) X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jan 2010 10:24:49 -0000 --X1bOJ3K7DJ5YkBrT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable also sprach Ruben Pollan [2010.01.08.2221 +1300]: > I think that would be security hole. You should not store the > encrypted messages on a decrypted database. A solution whould be > to encrypt as well the xapian DB, but I think is too complex for > the use. As I said in <20100108091216.GC735@lapse.rw.madduck.net>, I think it should be optionally possible for those that are encrypting the xapian DB in other ways. > You should be still able, with the actual notmuch, to search over > the headers of your encrypted messages, or any other non-encrypted > part of the message. Is not like that? Most of the time, I search headers, but I do search bodies regularly. So no, that would not be enough, at least not with the ideal solution. And notmuch comes close to ideal already! ;) --=20 martin | http://madduck.net/ | http://two.sentenc.es/ =20 infinite loop: see 'loop, infinite'. loop, infinite: see 'infinite loop'. =20 spamtraps: madduck.bogus@madduck.net --X1bOJ3K7DJ5YkBrT Content-Type: application/pgp-signature; name="digital_signature_gpg.asc" Content-Description: Digital signature (see http://martin-krafft.net/gpg/) Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEAREDAAYFAktHB+UACgkQIgvIgzMMSnUCpwCfRy1SWxWifbocjD6v3KfTy+AS zssAoJUcqnOl2fBdoWaXln7FYkQ/PsXo =gbUb -----END PGP SIGNATURE----- --X1bOJ3K7DJ5YkBrT--