Re: using the fringe to indicate good signatures

diff --git a/3a/d7fdb928831a9b16ce83b3ede5cf809ac048e5 b/3a/d7fdb928831a9b16ce83b3ede5cf809ac048e5
new file mode 100644 (file)
index 0000000..8819e4a
--- /dev/null
+++ b/3a/d7fdb928831a9b16ce83b3ede5cf809ac048e5
@@ -0,0 +1,93 @@
+Return-Path: <dme@dme.org>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+ by arlo.cworth.org (Postfix) with ESMTP id 449BE6DE0B7C\r
+ for <notmuch@notmuchmail.org>; Mon,  7 Sep 2015 23:01:49 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at cworth.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: 0.648\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=0.648 tagged_above=-999 required=5 tests=[AWL=0.715, \r
+ RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01,\r
+ RCVD_IN_MSPIKE_WL=-0.01, SPF_NEUTRAL=0.652, UNPARSEABLE_RELAY=0.001]\r
+ autolearn=disabled\r
+Received: from arlo.cworth.org ([127.0.0.1])\r
+ by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024)\r
+ with ESMTP id 9iQiExda6qDH for <notmuch@notmuchmail.org>;\r
+ Mon,  7 Sep 2015 23:01:47 -0700 (PDT)\r
+Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com\r
+ [209.85.212.180])\r
+ by arlo.cworth.org (Postfix) with ESMTPS id 82FF26DE0B64\r
+ for <notmuch@notmuchmail.org>; Mon,  7 Sep 2015 23:01:46 -0700 (PDT)\r
+Received: by wicfx3 with SMTP id fx3so101891797wic.0\r
+ for <notmuch@notmuchmail.org>; Mon, 07 Sep 2015 23:01:44 -0700 (PDT)\r
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;\r
+ d=1e100.net; s=20130820;\r
+ h=x-gm-message-state:to:subject:in-reply-to:references:user-agent\r
+ :from:date:message-id:mime-version:content-type;\r
+ bh=H3CS5cNp73iI4JQ4lNPIyqlcIxFufa5XR/4PUgn8G8k=;\r
+ b=GO21dRksProrM1rf/Z8F1acUrQIK9mLMarhv1zNKQylw7LUQfjyH5gbXWFpSyW28Zi\r
+ AUZlM0rR2QrM2tTRmGF4b5I1llxAvxOXfFn2No8RNB882Le8a7S4pB+bWyAbv6fBxyF0\r
+ EZpoU+xL+tcq3VyRqxQA8gVcSbAAR9Z1QRd5zlWZuboZmY8WWg9jS2FjMwF5mqSpTXle\r
+ 7jbJkeITXwABSmBYyE0FsSeE3+19wmkKAiaxRL66V9NFmpWfzo+pg2lOVppUUd9bpJl2\r
+ g8+aYMks7knMlFc2VZaqoBwn9IxVfhxBXD2+kKL7F7LxcE+mf4wJe3jOSPi+xoFoL7TT\r
+ 1zqQ==\r
+X-Gm-Message-State:\r
+ ALoCoQl/qwpw5GhMS9ONaEZX45A4FFcxWiFT865/lNHa6NSZML8soWPA0CSK15N3psy43R2L8pa7\r
+X-Received: by 10.194.110.37 with SMTP id hx5mr43376464wjb.149.1441692104118; \r
+ Mon, 07 Sep 2015 23:01:44 -0700 (PDT)\r
+Received: from disaster-area.hh.sledj.net\r
+ ([2a01:348:1a2:1:ea39:35ff:fe2c:a227])\r
+ by smtp.gmail.com with ESMTPSA id cm6sm3788303wib.22.2015.09.07.23.01.43\r
+ (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\r
+ Mon, 07 Sep 2015 23:01:43 -0700 (PDT)\r
+Received: from localhost (30000@localhost [local]);\r
+ by localhost (OpenSMTPD) with ESMTPA id 82f827f7;\r
+ Tue, 8 Sep 2015 06:01:42 +0000 (UTC)\r
+To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, notmuch@notmuchmail.org\r
+Subject: Re: using the fringe to indicate good signatures\r
+In-Reply-To: <87d1xtn8s8.fsf@alice.fifthhorseman.net>\r
+References: <m2mvxmxfwl.fsf@heart-of-gold.hh.sledj.net>\r
+ <87d1xtn8s8.fsf@alice.fifthhorseman.net>\r
+User-Agent: none\r
+From: David Edmondson <dme@dme.org>\r
+Date: Tue, 08 Sep 2015 07:01:42 +0100\r
+Message-ID: <m2vbbl8n5l.fsf@heart-of-gold.hh.sledj.net>\r
+MIME-Version: 1.0\r
+Content-Type: text/plain\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.18\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+ <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch/>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+ <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Tue, 08 Sep 2015 06:01:49 -0000\r
+\r
+On Mon, Sep 07 2015, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:\r
+> On Thu 2015-08-20 09:12:26 -0400, David Edmondson wrote:\r
+>> After listening to bremner, dkg et al. from Heidelberg, I threw together\r
+>> a quick patch to see how we might indicate signature validity in the\r
+>> fringe. The intention is to prompt more discussion - this code is not\r
+>> ready to ship.\r
+>\r
+>> The patch is attached. The result looks something like:\r
+>>     http://dme.org/data/images/notmuch-signed-fringe.png\r
+>\r
+> I like the basic idea of this, thanks for putting it together.  It's\r
+> good to put security indicators in a region of the UI that the message\r
+> content cannot modify or spoof.\r
+>\r
+> What do we think should be done if there are multiple nested signatures?\r
+\r
+Cry?\r
+\r
+More seriously, we could use the indentation space for a similar\r
+indicator, which would allow us some room at an appropriate depth for\r
+each message (but not each part (in the default configuration)).\r