Re: Feature suggestion. Indexing encrypted mail?

diff --git a/77/0e5661fc1ecd920fb40fbf935d3538769dbc17 b/77/0e5661fc1ecd920fb40fbf935d3538769dbc17
new file mode 100644 (file)
index 0000000..cd9f740
--- /dev/null
+++ b/77/0e5661fc1ecd920fb40fbf935d3538769dbc17
@@ -0,0 +1,70 @@
+Return-Path: <david@tethera.net>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+       by olra.theworths.org (Postfix) with ESMTP id 3B95F431FAF\r
+       for <notmuch@notmuchmail.org>; Sat,  5 Apr 2014 10:12:46 -0700 (PDT)\r
+X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: 0\r
+X-Spam-Level: \r
+X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none]\r
+       autolearn=disabled\r
+Received: from olra.theworths.org ([127.0.0.1])\r
+       by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
+       with ESMTP id hYeG0STiYTsg for <notmuch@notmuchmail.org>;\r
+       Sat,  5 Apr 2014 10:12:42 -0700 (PDT)\r
+Received: from mx.xen14.node3324.gplhost.com (gitolite.debian.net\r
+       [87.98.215.224]) (using TLSv1 with cipher AES256-SHA (256/256 bits))\r
+       (No client certificate requested)\r
+       by olra.theworths.org (Postfix) with ESMTPS id DB0FE431FAE\r
+       for <notmuch@notmuchmail.org>; Sat,  5 Apr 2014 10:12:41 -0700 (PDT)\r
+Received: from remotemail by mx.xen14.node3324.gplhost.com with local (Exim\r
+       4.72) (envelope-from <david@tethera.net>)\r
+       id 1WWU7M-0008LW-G8; Sat, 05 Apr 2014 17:10:56 +0000\r
+Received: (nullmailer pid 13054 invoked by uid 1000); Sat, 05 Apr 2014\r
+       17:10:40 -0000\r
+From: David Bremner <david@tethera.net>\r
+To: john.wyzer@gmx.de, notmuch@notmuchmail.org\r
+Subject: Re: Feature suggestion. Indexing encrypted mail?\r
+In-Reply-To: <86k3b3ybo6.fsf@someserver.somewhere>\r
+References: <86k3b3ybo6.fsf@someserver.somewhere>\r
+User-Agent: Notmuch/0.17+170~gf516b7c (http://notmuchmail.org) Emacs/24.3.1\r
+       (x86_64-pc-linux-gnu)\r
+Date: Sat, 05 Apr 2014 14:10:40 -0300\r
+Message-ID: <878urj1z3j.fsf@maritornes.cs.unb.ca>\r
+MIME-Version: 1.0\r
+Content-Type: text/plain\r
+Cc: Daniel Kahn Gillmor <dkg@debian.org>\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.13\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+       <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Sat, 05 Apr 2014 17:12:46 -0000\r
+\r
+john.wyzer@gmx.de writes:\r
+\r
+> Would it be possible to add the configurable option to also decrypt\r
+> encrypted messages on the fly while indexing to make them searchable,\r
+> too?\r
+>\r
+> That would be really great for people that consider gnupg  mainly an\r
+> encryption for transport or have their complete hard drive encrypted...\r
+\r
+As far I understand an attacker could reconstruct the message from the\r
+index, so one question is whether the extra complexity in notmuch is\r
+worth the minimal extra security over decrypting on delivery and storing\r
+plaintext on the (presumably encrypted) disk. Of course decrypting on\r
+delivery may be inconvenient (or impossible). I have CCed the two people\r
+who have implemented most of the crypto related stuff in notmuch so they\r
+can comment.\r
+\r
+d\r