From: Daniel Kahn Gillmor Date: Fri, 11 Dec 2015 15:34:25 +0000 (+1900) Subject: Re: allow indexing cleartext of encrypted messages X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=08efd71ca120ac616e2c79be1b7972c1863d6d80;p=notmuch-archives.git Re: allow indexing cleartext of encrypted messages --- diff --git a/a7/f978ca1f7c6b323c54de1a38ef7c8f33c8bf81 b/a7/f978ca1f7c6b323c54de1a38ef7c8f33c8bf81 new file mode 100644 index 000000000..72bd289ce --- /dev/null +++ b/a7/f978ca1f7c6b323c54de1a38ef7c8f33c8bf81 @@ -0,0 +1,102 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by arlo.cworth.org (Postfix) with ESMTP id 5B8CC6DE0A9A + for ; Fri, 11 Dec 2015 07:34:30 -0800 (PST) +X-Virus-Scanned: Debian amavisd-new at cworth.org +X-Spam-Flag: NO +X-Spam-Score: -0.016 +X-Spam-Level: +X-Spam-Status: No, score=-0.016 tagged_above=-999 required=5 + tests=[AWL=-0.016] autolearn=disabled +Received: from arlo.cworth.org ([127.0.0.1]) + by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id 6KXgyGtc-J2i for ; + Fri, 11 Dec 2015 07:34:28 -0800 (PST) +Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) + by arlo.cworth.org (Postfix) with ESMTP id 442986DE005F + for ; Fri, 11 Dec 2015 07:34:28 -0800 (PST) +Received: from fifthhorseman.net (unknown [38.109.115.130]) + by che.mayfirst.org (Postfix) with ESMTPSA id 89216F984 + for ; Fri, 11 Dec 2015 10:34:26 -0500 (EST) +Received: by fifthhorseman.net (Postfix, from userid 1000) + id B101320001; Fri, 11 Dec 2015 10:34:25 -0500 (EST) +From: Daniel Kahn Gillmor +To: Notmuch Mail +Subject: Re: allow indexing cleartext of encrypted messages +In-Reply-To: <1449718786-28000-1-git-send-email-dkg@fifthhorseman.net> +References: <1449718786-28000-1-git-send-email-dkg@fifthhorseman.net> +User-Agent: Notmuch/0.21 (http://notmuchmail.org) Emacs/24.5.1 + (x86_64-pc-linux-gnu) +Date: Fri, 11 Dec 2015 10:34:25 -0500 +Message-ID: <87zixhgfsu.fsf@alice.fifthhorseman.net> +MIME-Version: 1.0 +Content-Type: text/plain +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.20 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Fri, 11 Dec 2015 15:34:30 -0000 + +On Wed 2015-12-09 22:39:37 -0500, Daniel Kahn Gillmor wrote: +> * the libnotmuch API is extended with +> notmuch_database_add_message_try_decrypt(). This should probably +> ultimately be more general, because there are a few additional +> knobs that i can imagine fiddling at indexing time. For example: +> +> * verifying cryptographic signatures and storing something about +> those verifications in the notmuch db +> +> * extracting OpenPGP session key information for a given message +> and storing it in a lookaside table in the notmuch db, so that +> it's possible to securely destroy old encryption-capable keys +> and still have local access to the cleartext of the remaining +> messages. +> +> Some of these additional features might be orthogonal to one +> another as well. I welcome suggestions for how to improve the API +> so that we don't end up with a combinatorial explosion of +> n_d_add_message_foo() functions. + +I have a proposal for how to do this better: + +I'll introduce a notmuch_index_options_t, with the usual constructors +and destructors and a couple functions: + + notmuch_index_options_set_try_decrypt() + notmuch_index_options_get_try_decrypt() + notmuch_index_options_set_gpg_path() + notmuch_index_options_get_gpg_path() + +Then i'll add: + + notmuch_database_add_message_with_options(db, fname, options, &message) + +If we add new indexing features, they can be set directly in the +index_options object (including features that might be more complex than +a string or a bool, like a chain of command-line filters). + +a few nice features of this approach: + + * The user of the library can craft a set of index options and repeat + it easily, and the options can contain cached/lazily-initialized + things (like GMimeCryptoContexts) if needed. + + * The user can index different messages with different options if they + prefer (no need to set the options on the database object itself) + + * the capability of the indexing features in the library is visible + directly in the exposed API. + +any thoughts on this? + + --dkg