--- /dev/null
+Return-Path: <david@tethera.net>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+ by olra.theworths.org (Postfix) with ESMTP id 6F740431FBF\r
+ for <notmuch@notmuchmail.org>; Mon, 21 Jul 2014 16:16:55 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: 0\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none]\r
+ autolearn=disabled\r
+Received: from olra.theworths.org ([127.0.0.1])\r
+ by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
+ with ESMTP id B2HpEF1NTCvU for <notmuch@notmuchmail.org>;\r
+ Mon, 21 Jul 2014 16:16:50 -0700 (PDT)\r
+Received: from yantan.tethera.net (yantan.tethera.net [199.188.72.155])\r
+ (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))\r
+ (No client certificate requested)\r
+ by olra.theworths.org (Postfix) with ESMTPS id B40F1431FAE\r
+ for <notmuch@notmuchmail.org>; Mon, 21 Jul 2014 16:16:50 -0700 (PDT)\r
+Received: from remotemail by yantan.tethera.net with local (Exim 4.80)\r
+ (envelope-from <david@tethera.net>)\r
+ id 1X9Mp0-0001hP-LT; Mon, 21 Jul 2014 20:16:42 -0300\r
+Received: (nullmailer pid 12758 invoked by uid 1000); Mon, 21 Jul 2014\r
+ 23:16:34 -0000\r
+From: David Bremner <david@tethera.net>\r
+To: Vagrant Cascadian <vagrant@debian.org>, 755544@bugs.debian.org\r
+Subject: Re: Bug#755544: notmuch-emacs: doesn't check gpg/pgp signatures by\r
+ default\r
+In-Reply-To: <20140721223426.GA5250@siren>\r
+References: <20140721223426.GA5250@siren>\r
+User-Agent: Notmuch/0.18.1+45~gf47eeac (http://notmuchmail.org) Emacs/24.3.1\r
+ (x86_64-pc-linux-gnu)\r
+Date: Mon, 21 Jul 2014 20:16:34 -0300\r
+Message-ID: <87silucnfx.fsf@maritornes.cs.unb.ca>\r
+MIME-Version: 1.0\r
+Content-Type: text/plain\r
+Cc: notmuch@notmuchmail.org\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.13\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+ <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Mon, 21 Jul 2014 23:16:55 -0000\r
+\r
+Vagrant Cascadian <vagrant@debian.org> writes:\r
+\r
+> Package: notmuch-emacs\r
+> Version: 0.18.1-1\r
+> Severity: important\r
+>\r
+> Thanks for notmuch-emacs, it's great!\r
+>\r
+> I did notice that it doesn't appear to check weather gpg/pgp signatures are\r
+> valid by default.\r
+>\r
+> When I created a signed message to myself, made a copy of it, and then manually\r
+> edited the text within without changing the signature...\r
+>\r
+> But notmuch-emacs doesn't distinguish between the valid signature\r
+:\r
+>\r
+> Subject: valid gpg sig\r
+> To: vagrant@localhost\r
+> Date: Mon, 21 Jul 2014 15:03:45 -0700\r
+> \r
+> [ multipart/signed ]\r
+> [ text/plain ]\r
+> this should be a VALID gpg signature.\r
+> [ signature.asc: application/pgp-signature ]\r
+>\r
+> And the edited text, with an invalid signature:\r
+>\r
+> Subject: invalid gpg sig\r
+> To: vagrant@localhost\r
+> Date: Mon, 21 Jul 2014 15:03:45 -0700\r
+> \r
+> [ multipart/signed ]\r
+> [ text/plain ]\r
+> this should be an INVALID gpg signature.\r
+> [ signature.asc: application/pgp-signature ]\r
+\r
+Hi Vagrant;\r
+\r
+Thanks for the bug report. It seems that most of the developers\r
+have customized the emacs variable\r
+\r
+notmuch-crypto-process-mime to t\r
+\r
+For the moment I suggest that as a workaround, and we'll see about\r
+fixing the UI bug upstream.\r
+\r
+notmuch folks: it seems that in vagrant's message, and several others I\r
+checked, it notmuch-crypto-process-mime==nil, then no signature button\r
+is created at all.\r
projects / notmuch-archives.git / commitdiff