From 57cd8a7ab9db04f2f29e791ee71b9380b7a21dce Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 23 Jul 2014 00:39:04 +2000 Subject: [PATCH] Re: Bug#755544: notmuch-emacs: doesn't check gpg/pgp signatures by default --- 6c/e3d91c06c48868428f68cf1f0e50f2ad28b33f | 116 ++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 6c/e3d91c06c48868428f68cf1f0e50f2ad28b33f diff --git a/6c/e3d91c06c48868428f68cf1f0e50f2ad28b33f b/6c/e3d91c06c48868428f68cf1f0e50f2ad28b33f new file mode 100644 index 000000000..42e857f9a --- /dev/null +++ b/6c/e3d91c06c48868428f68cf1f0e50f2ad28b33f @@ -0,0 +1,116 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by olra.theworths.org (Postfix) with ESMTP id 72D80431FC3 + for ; Mon, 21 Jul 2014 21:39:15 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at olra.theworths.org +X-Spam-Flag: NO +X-Spam-Score: 0 +X-Spam-Level: +X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[none] + autolearn=disabled +Received: from olra.theworths.org ([127.0.0.1]) + by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id m8qfv4Rb-M-F for ; + Mon, 21 Jul 2014 21:39:08 -0700 (PDT) +Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) + by olra.theworths.org (Postfix) with ESMTP id 44F2C431FAE + for ; Mon, 21 Jul 2014 21:39:08 -0700 (PDT) +Received: from [10.0.1.131] (173-230-166-62.cable.teksavvy.com + [173.230.166.62]) + by che.mayfirst.org (Postfix) with ESMTPSA id E959EF984; + Tue, 22 Jul 2014 00:39:04 -0400 (EDT) +Message-ID: <53CDEAE8.3000607@fifthhorseman.net> +Date: Tue, 22 Jul 2014 00:39:04 -0400 +From: Daniel Kahn Gillmor +User-Agent: Mozilla/5.0 (X11; Linux x86_64; + rv:30.0) Gecko/20100101 Icedove/30.0 +MIME-Version: 1.0 +To: Jameson Graef Rollins , + David Bremner , + Vagrant Cascadian , 755544@bugs.debian.org +Subject: Re: Bug#755544: notmuch-emacs: doesn't check gpg/pgp signatures by + default +References: <20140721223426.GA5250@siren> + <87silucnfx.fsf@maritornes.cs.unb.ca> + <87iomqxkzp.fsf@servo.finestructure.net> <53CDE8F8.8050200@fifthhorseman.net> +In-Reply-To: <53CDE8F8.8050200@fifthhorseman.net> +Content-Type: multipart/signed; micalg=pgp-sha512; + protocol="application/pgp-signature"; + boundary="C5NDsD6eucQPDMVR8tHCuNvtxKu1l6efU" +Cc: notmuch@notmuchmail.org +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.13 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Tue, 22 Jul 2014 04:39:15 -0000 + +This is an OpenPGP/MIME signed message (RFC 4880 and 3156) +--C5NDsD6eucQPDMVR8tHCuNvtxKu1l6efU +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +On 07/22/2014 12:30 AM, Daniel Kahn Gillmor wrote: +> On 07/21/2014 09:03 PM, Jameson Graef Rollins wrote: +>> On Mon, Jul 21 2014, David Bremner wrote: +>>> notmuch folks: it seems that in vagrant's message, and several others= + I +>>> checked, it notmuch-crypto-process-mime=3D=3Dnil, then no signature b= +utton +>>> is created at all. +>> +>> Yes, this is true. The signature button is pretty meaningless if we'r= +e +>> not processing the signature. +>> +>> Maybe instead by default we could have a signature button that opens u= +p +>> a notmuch-crypto-process-mime customization buffer? +>=20 +> Or the button could just re-load the current view while processing the +> signature, and send "you can customize notmuch-crypt-process-mime to do= + +> this automatically in the future" to *Messages*. + +Oh, and it seems like in the case where no verification or PGP/MIME +procesing was done, we need to make it a *lot* clearer to the user that +no signature verification was done. + + --dkg + + +--C5NDsD6eucQPDMVR8tHCuNvtxKu1l6efU +Content-Type: application/pgp-signature; name="signature.asc" +Content-Description: OpenPGP digital signature +Content-Disposition: attachment; filename="signature.asc" + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQJ8BAEBCgBmBQJTzeroXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w +ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFQjk2OTEyODdBN0FEREUzNzU3RDkxMUVB +NTI0MDFCMTFCRkRGQTVDAAoJEKUkAbEb/fpcpboP/2I5aIyC/vyBNJhDJ7foSOPO +cva8R+L9gejzqFAI4xhUHpWY2VXj1/PWV6iCg4UacEPBKDFEIEUdO5emMMtw8kNa +6sknFjfxEe9YmCnIlfmBvXhoTvpj/ceQ/DaOHxzGi4Ihg5dfUov16+TNKyukaLGF +aznCYU3+cHouEv5GCUueK2H+dJkRrRKyqqyOtLkAdICeXs3kqRiPVxYCijWdt+NH +jXt+3/rcP49zo8AD8r41ZqOT9GCqwVNqxxenbPKFmFFf6E0huYDZxbHJ1skETmo3 +vae7UYKKLs29GakGxt3CyeuP/wSDDpMTyaxzTZ/SitjuCXYpB9S0omdfxBlxPdMq +wTkk7ef0bKZpC5xEdufj46n86XAFdmsyS2nFPD1stYvkJzu98hkn6lnlgJlhPfL1 +2iLhsj7uUKnXrO4TLv8D8pBEc9jJvdlzxw2s7q/TlsG78hIn4jiJdIouVM1ZHyJc +tY9f7IUFhvb0uFyckSfILimAnB/5Ffdg0dI0dGuk4AliMNDNVCbMyxKQG8GNMJHN +DpWUGWiqZvodX0isu7DE6Ud9K9jDKWPewjkwhOvH9X3ZJ2dI75DNx81a6X7/Jnb9 +nKXF/ZZoLVEo9GPptt6cOVjzgDgbIrGYhc2o105GrKdnW3vSmTIAmTxRpZhTMmLT +QPkiJVeBeQmT3akZ16fP +=UwVd +-----END PGP SIGNATURE----- + +--C5NDsD6eucQPDMVR8tHCuNvtxKu1l6efU-- -- 2.26.2