From: David Bremner
To: john.wyzer@gmx.de, notmuch@notmuchmail.org
Cc: Daniel Kahn Gillmor
Subject: Re: Feature suggestion. Indexing encrypted mail?
Date: Sat, 05 Apr 2014 14:10:40 -0300
Message-ID: <878urj1z3j.fsf@maritornes.cs.unb.ca>
In-Reply-To: <86k3b3ybo6.fsf@someserver.somewhere>
List-Id: "Use and development of the notmuch mail system."

john.wyzer@gmx.de writes:

> Would it be possible to add the configurable option to also decrypt
> encrypted messages on the fly while indexing to make them searchable,
> too?
>
> That would be really great for people that consider gnupg mainly an
> encryption for transport or have their complete hard drive encrypted...

As far as I understand an attacker could reconstruct the message from the
index, so one question is whether the extra complexity in notmuch is
worth the minimal extra security over decrypting on delivery and storing
plaintext on the (presumably encrypted) disk.

Of course decrypting on delivery may be inconvenient (or impossible).

I have CCed the two people who have implemented most of the
crypto-related stuff in notmuch so they can comment.

d
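
The reply's point that a message can be reconstructed from the index, shown as an added example (not part of the original e-mail, and not notmuch or Xapian code): a toy positional inverted index, of the kind a full-text engine keeps for phrase search, is built from a constructed plaintext and then read back in order. All function names and the sample text are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: stands in for the decrypted body of an encrypted mail.
SAMPLE_PLAINTEXT = (
    "Meet me at the north gate at nine. "
    "Bring the signed contract and the spare key."
)


def tokenize(text):
    """Lowercase word tokens, the way a typical indexer normalises terms."""
    return re.findall(r"[a-z0-9']+", text.lower())


def build_positional_index(doc_id, text, index=None):
    """Add one document to a term -> {doc_id: [positions]} index."""
    index = index if index is not None else defaultdict(dict)
    for pos, term in enumerate(tokenize(text)):
        index[term].setdefault(doc_id, []).append(pos)
    return index


def reconstruct(index, doc_id):
    """Rebuild a document's term sequence using only the index contents."""
    slots = {}
    for term, postings in index.items():
        for pos in postings.get(doc_id, ()):
            slots[pos] = term
    return " ".join(slots[p] for p in sorted(slots))


def bag_of_words(index, doc_id):
    """What remains readable without positions: the vocabulary and counts."""
    return {t: len(p[doc_id]) for t, p in index.items() if doc_id in p}


if __name__ == "__main__":
    idx = build_positional_index("msg-1", SAMPLE_PLAINTEXT)
    # Only punctuation and letter case are lost; the wording survives.
    print(reconstruct(idx, "msg-1"))
    print(sorted(bag_of_words(idx, "msg-1").items()))
```

An index built over decrypted mail therefore needs the same at-rest protection as the plaintext itself, which is the trade-off the reply weighs against decrypting on delivery.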