From a387c155b198d84af3fbb433ec1aa7a0a09bfeaf Mon Sep 17 00:00:00 2001 From: Tomi Ollila Date: Sat, 6 Feb 2016 22:48:55 +0200 Subject: [PATCH] Re: Allow indexing cleartext of encrypted messages (v3) --- ac/7dec7d9123e08c7f084b196f1750f53d4580d5 | 117 ++++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 ac/7dec7d9123e08c7f084b196f1750f53d4580d5 diff --git a/ac/7dec7d9123e08c7f084b196f1750f53d4580d5 b/ac/7dec7d9123e08c7f084b196f1750f53d4580d5 new file mode 100644 index 000000000..cb67e057d --- /dev/null +++ b/ac/7dec7d9123e08c7f084b196f1750f53d4580d5 
@@ -0,0 +1,117 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by arlo.cworth.org (Postfix) with ESMTP id ACB676DE09ED + for ; Sat, 6 Feb 2016 12:48:47 -0800 (PST) +X-Virus-Scanned: Debian amavisd-new at cworth.org +X-Spam-Flag: NO +X-Spam-Score: 0.652 +X-Spam-Level: +X-Spam-Status: No, score=0.652 tagged_above=-999 required=5 tests=[AWL=-0.000, + SPF_NEUTRAL=0.652] autolearn=disabled +Received: from arlo.cworth.org ([127.0.0.1]) + by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id XkMfr6XP8k8a for ; + Sat, 6 Feb 2016 12:48:44 -0800 (PST) +Received: from guru.guru-group.fi (guru.guru-group.fi [46.183.73.34]) + by arlo.cworth.org (Postfix) with ESMTP id AA3806DE0261 + for ; Sat, 6 Feb 2016 12:48:44 -0800 (PST) +Received: from guru.guru-group.fi (localhost [IPv6:::1]) + by guru.guru-group.fi (Postfix) with ESMTP id E1340100063; + Sat, 6 Feb 2016 22:48:55 +0200 (EET) +From: Tomi Ollila +To: Daniel Kahn Gillmor , + Notmuch Mail +Subject: Re: Allow indexing cleartext of encrypted messages (v3) +In-Reply-To: <1454272801-23623-1-git-send-email-dkg@fifthhorseman.net> +References: <1454272801-23623-1-git-send-email-dkg@fifthhorseman.net> +User-Agent: Notmuch/0.21+32~g73439f8 (http://notmuchmail.org) Emacs/24.3.1 + (x86_64-unknown-linux-gnu) +X-Face: HhBM'cA~ +MIME-Version: 1.0 +Content-Type: text/plain +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.20 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Sat, 06 Feb 2016 20:48:47 -0000 + +On Sun, Jan 31 2016, Daniel Kahn Gillmor wrote: + +> This is the third draft of the series initially announced in +> id:1449718786-28000-1-git-send-email-dkg@fifthhorseman.net (second +> draft was in +> id:1453258369-7366-1-git-send-email-dkg@fifthhorseman.net). 
It +> differs from v2 in that it incorporates the recent improvements in +> detecting and processing S/MIME signatures. + +Looks pretty good. Nothing to bikeshed. Did not run tests yet. + +Tomi + + +> +> From the v2 description: +> +>> Notmuch currently doesn't index the cleartext of encrypted mail. This +>> is the right choice by default, because the index is basically +>> cleartext-equivalent, and we wouldn't want every indexed mailstore to +>> leak the contents of its encrypted mails. +>> +>> However, if a notmuch user has their index in a protected location, +>> they may prefer the convenience of being able to search the contents +>> of (at least some of) their encrypted mail. +>> +>> This series of patches enables notmuch to index the cleartext of +>> specific encrypted messages when they're being added via "notmuch new" +>> or "notmuch insert", via a new --try-decrypt flag. +>> +>> If --try-decrypt is used, and decryption is successful for part of a +>> message, the message gets an additional "index-decrypted" tag. If +>> decryption of part of a message fails, the message gets an additional +>> "index-decryption-failed" tag. +> +> v2 addresses the concerns raised from the helpful feedback on the +> previous series, and adds a notmuch_indexopts_t object that can be +> used to declare options for indexing messages, including a +> "try_decrypt" boolean. +> +> Additionally, this series adds a new function to libnotmuch: +> +> notmuch_message_reindex (notmuch_message_t *message, +> notmuch_indexopts_t *indexopts) +> +> Which allows user of the library to adjust the indexing options of a +> given message. +> +> The CLI is additionally augmented with a new notmuch subcommand, +> "notmuch reindex", which also has a --try-decrypt flag. 
+> +> So a user who has their message index stored securely and wants to +> index the cleartext of all encrypted messages they've received can do +> something like: +> +> notmuch reindex --try-decrypt tag:encrypted and not tag:index-decrypted +> +> Or can clear all indexed cleartext from their database with: +> +> notmuch reindex tag:encrypted and tag:index-decrypted +> +> +> _______________________________________________ +> notmuch mailing list +> notmuch@notmuchmail.org +> https://notmuchmail.org/mailman/listinfo/notmuch -- 2.26.2
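Review bot: The example query near the end of the quoted cover letter, "notmuch reindex --try-decrypt tag:encrypted and not tag:index-decrypted", still matches messages that carry only the "index-decryption-failed" tag described earlier in the same text, so every run selects them again for a decryption attempt. The series documentation should say whether that retry is intended, or show the query with "and not tag:index-decryption-failed" for users who want to skip known failures. Since the cover letter itself calls the index "basically cleartext-equivalent", the help text for --try-decrypt on "notmuch new", "notmuch insert" and "notmuch reindex" should repeat that the flag is meant for an index kept in a protected location. Note also that the archived reply says "Did not run tests yet", so it records a read-through of the description, not a tested acknowledgement.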