Return-Path: <bateast@bat.fr.eu.org>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
    by olra.theworths.org (Postfix) with ESMTP id 3C397431FAF
    for <notmuch@notmuchmail.org>; Fri, 14 Mar 2014 04:00:25 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Status: No, score=1.741 tagged_above=-999 required=5
    tests=[HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.635,
    MIME_HTML_ONLY=1.105] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
    by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id dwe1n+PAlwDg for <notmuch@notmuchmail.org>;
    Fri, 14 Mar 2014 04:00:18 -0700 (PDT)
Received: from mx1a.lautre.net (mx1a.lautre.net [80.67.160.71])
    (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
    (No client certificate requested)
    by olra.theworths.org (Postfix) with ESMTPS id 25188431FAE
    for <notmuch@notmuchmail.org>; Fri, 14 Mar 2014 04:00:18 -0700 (PDT)
Received: from arch-vm (unknown [109.21.163.7])
    (using TLSv1 with cipher AES128-SHA (128/128 bits))
    (No client certificate requested)
    (Authenticated sender: bateast@bat.fr.eu.org)
    by mx1a.lautre.net (Postfix) with ESMTPSA id 796E8A108A;
    Fri, 14 Mar 2014 12:00:13 +0100 (CET)
From: Baptiste <bateast@bat.fr.eu.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, notmuch@notmuchmail.org
Subject: Re: Smime signature verification in Notmuch - Emacs
In-Reply-To: <531F4FDD.6000506@fifthhorseman.net>
Organization: bat.fr.eu.org
References: <87y50r42do.fsf@bat.fr.eu.org>
    <531F4FDD.6000506@fifthhorseman.net>
User-Agent: Notmuch/0.17+81~g718d58a (http://notmuchmail.org) Emacs/24.3.50.2
Date: Fri, 14 Mar 2014 11:58:55 +0100
Message-ID: <87siqlrqq8.fsf@bat.fr.eu.org>
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
    micalg="sha1"; boundary="----7A9AC58F7D949A2C35A72AFA089957FC"
X-Mailman-Approved-At: Mon, 17 Mar 2014 02:21:11 -0700
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
List-Id: "Use and development of the notmuch mail system."
    <notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
    <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
    <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Mar 2014 11:00:25 -0000

This is an S/MIME signed message

------7A9AC58F7D949A2C35A72AFA089957FC
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

thank you for your answer.<br />

firstly, sorry for my previous mail, you are right, it was broken. This one should be better.<br />

Anyway, my goal was to make S/MIME messages work with <code>notmuch</code>. Actually, I am not looking to modify directly <i>notmuch</i> (well, I have no good reason for not doing it), so I hooked the notmuch emacs interface. It does work today with S/MIME signature and I am currently working on encryption, though I have no clue how to recreate s-exp after decryption to re-inject into <i>notmuch-show</i> emacs function.<br />

Truly, it would be better to implement it directly in notmuch core.<br />

Signature verification just presents a line with the signature owner and the trust chain status (<i>green</i> for good verification, <i>orange</i> for self signed only signature). No verification is made today against :From fi

As for example :<br />

<pre class="example">
(green) [ Good signature by: bateast@bat.fr.eu.org - 08F4ED ]

<pre class="example">
(orange) [ Good signature by key: 0x08F4ED self signed for bateast@bat.fr.e

and if you click on button, you get key description :<br />

<pre class="example">
Serial Number: 586989 (0x8f4ed)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Client CA
Not Before: Feb 11 19:01:56 2014 GMT

My opinion is that S/MIME is more and more widely used today, and then relying only on gpg for signature or encryption is a bit rough.<br />

<b>On Tue., March 11 2014, Daniel Kahn Gillmor wrote</b><br />

i'm interested in the functionality you're describing, but i confess i'm confused by the syntax of your e-mail and the structure of the file in question, as well as how you think it should be related to the notmuch project. This might all be obvious to other people; sorry for my confusion!<br />

Do you think this should be integrated into notmuch and shipped with it? if so, can you provide it as a standard patch for folks here to review?<br />

Some questions worth documenting if possible:<br />

<ul class="org-ul">
<li>do you expect this to work for S/MIME encrypted messages as well as S/MIME signed messages?<br />
<li>is there a reason to do this only in emacs? PGP/MIME-signed (and -encrypted) messages can be parsed directly by libnotmuch so they are useful in other contexts as well<br />
<li>what key management model does this code assume and/or enforce? how do we know which keys belong to which users?<br />

Thanks for working on notmuch!<br />

<pre class="example">

------7A9AC58F7D949A2C35A72AFA089957FC
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

------7A9AC58F7D949A2C35A72AFA089957FC--
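
The quoted question in this message asks how we know which keys belong to which users. The following is an added example, not code from the message or from notmuch, of one check that ties a verified signer to the message's From header before a green or orange status is shown. It assumes the certificate's e-mail addresses and the chain result have already been produced by the verifier; the function names, the "mismatch" status and the sample messages are hypothetical.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed sample messages; the addresses are placeholders, not from the thread.
GOOD = "From: Alice <alice@example.org>\nSubject: test\n\nbody\n"
# The display name imitates the signer, the real mailbox is a different one.
SPOOFED = 'From: "alice@example.org" <mallory@example.net>\nSubject: test\n\nbody\n'
NO_FROM = "Subject: test\n\nbody\n"


def from_addresses(raw):
    """Return the addr-spec of every From mailbox, ignoring display names."""
    msg = message_from_string(raw)
    pairs = getaddresses(msg.get_all("From", []))
    # Lower-casing the whole address is a simplification chosen for this example.
    return {addr.lower() for _name, addr in pairs if addr}


def signature_status(raw, cert_emails, chain_trusted):
    """Map a verified signature to a display status.

    cert_emails   -- addresses from the signer certificate (assumed input,
                     extracted by whatever tool verified the signature)
    chain_trusted -- True if the chain reached a trusted root,
                     False if the signature is only self signed
    """
    senders = from_addresses(raw)
    signers = {e.lower() for e in cert_emails}
    # Require exactly one From mailbox and require that the certificate names it.
    if len(senders) != 1 or not senders <= signers:
        return "mismatch"
    return "green" if chain_trusted else "orange"


if __name__ == "__main__":
    for label, raw in (("good", GOOD), ("spoofed", SPOOFED), ("no From", NO_FROM)):
        print(label, signature_status(raw, ["alice@example.org"], True))
```

The comparison uses only the addr-spec, so a display name that merely looks like the signer's address does not satisfy it.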