Return-Path: <dkg@fifthhorseman.net>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id BAE8540DBDA
	for <notmuch@notmuchmail.org>; Mon, 15 Nov 2010 08:41:00 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level: 
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5
	tests=[BAYES_00=-1.9, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id gN4IJKcA-9+o for <notmuch@notmuchmail.org>;
	Mon, 15 Nov 2010 08:40:50 -0800 (PST)
Received: from rodolpho.mayfirst.org (rodolpho.mayfirst.org [209.234.253.107])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by olra.theworths.org (Postfix) with ESMTPS id ABDE840DBDE
	for <notmuch@notmuchmail.org>; Mon, 15 Nov 2010 08:40:50 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by rodolpho.mayfirst.org (Postfix) with ESMTP id E4FD93CD51;
	Mon, 15 Nov 2010 11:40:47 -0500 (EST)
X-Virus-Scanned: Debian amavisd-new at rodolpho.mayfirst.org
Received: from rodolpho.mayfirst.org ([127.0.0.1])
	by localhost (rodolpho.mayfirst.org [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id B1owRp0cxH0W; Mon, 15 Nov 2010 11:40:47 -0500 (EST)
Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender:
	smtpauth@rodolpho.mayfirst.org) with ESMTPSA id 922553CD45
Message-ID: <4CE1628B.90206@fifthhorseman.net>
Date: Mon, 15 Nov 2010 11:40:43 -0500
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
	rv:1.9.2.9) Gecko/20100918 Icedove/3.1.4
MIME-Version: 1.0
To: David Edmondson <dme@dme.org>
Subject: Re: a proposed change to JSON output to report verification of
	PGP/MIME signatures.
References: <4CDE4486.2050101@fifthhorseman.net>
	<871v6mzxza.fsf@ut.hh.sledj.net>
In-Reply-To: <871v6mzxza.fsf@ut.hh.sledj.net>
X-Enigmail-Version: 1.1.2
OpenPGP: id=D21739E9
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature";
	boundary="------------enig89FA32B51862D827BEFA79D6"
Cc: notmuch <notmuch@notmuchmail.org>
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Nov 2010 16:41:00 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig89FA32B51862D827BEFA79D6
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 11/15/2010 05:23 AM, David Edmondson wrote:
> i.e. the existence of the multipart/signed wrapper should be
> explicit. In general, all MIME parts should be visible.=20

thanks, this makes sense to me.

> Changing the JSON output in this way would not materially affect your
> proposal, I believe. There'd be some implicit changes in the output (fo=
r
> example, if a signature signs a multipart/mixed part your proposal woul=
d
> list it as signing the sub-parts of the multipart/mixed, but with my
> additional changes it should be listed as signing the multipart/mixed
> itself).

this is interesting: under your proposed changes, the "signs" element
would not need to be a list any more. it could just be a single part ID.
 I think i like that.

"sigstatus" would still need to be a list, though, since you can have a
signature part that contains multiple signature packets.

Thanks for helping think this through, David.

	--dkg


--------------enig89FA32B51862D827BEFA79D6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJM4WKLAAoJEMzS7ZTSFznpfJoP/25jaTDnLLqRx44tuJZw4AN4
pr0SnThsW+yD+Fu5V8mpeKhnN+95c8zWzpfnw+BLP5z3z/3VkG/S7+V3K3ymveVc
GyOWgXs6hZSnhL6LvWWKhL26o62CIRY+XwClUEwFzr4R7A60mfFt+kbzFFPvR1rZ
me27DlfIQZ1YALA4HZKAJvGNXAv2pfkatqyLfLQUIIuIZz8frHniT1FYEypvx89B
id0DvaLrf9bpcj1xzA/UCMRFJeB2wGFjn3tfaTNevUEqR+BFRtnzMYO1K/wUaOXE
titCSw4Z9xpddha6lHelAHbuKTq3YA3C6RwsZUbrgiZXU2mBgtUFdOH7bxexWJZK
O2+UoinRQt0fnPNihvVwinyWf9WyV6L6ySJcN1hgKuWFvFIoCnTHrJyuLmA8U7ke
rmVEAfsPQMqirAwpUFTH97+jGP0OIChPbEM4pJil3X/2aLx3ynQLszC0RsE+IM1I
aX4uVORMDuy0WwwD5d8e+u8YZ9WUS3oASp3cCnoUMfUjKgGoS45Uq0MF5KuXRCs0
MiwaFF71WpuIJFqyKgAtJ1oIkR3PjX1X94WUC1bvLcnuB+ib2DTn9cmsDTBokHjR
pmpX139heo0fX44RPsk7f9UW1frLCccUQH2H/isFyzy9iAtsrTFBcsIKbVN0jc+s
dkzPg4jPkrvE30OaPMGA
=aKkT
-----END PGP SIGNATURE-----

--------------enig89FA32B51862D827BEFA79D6--