1 Return-Path: <jrollins@finestructure.net>
\r
2 X-Original-To: notmuch@notmuchmail.org
\r
3 Delivered-To: notmuch@notmuchmail.org
\r
4 Received: from localhost (localhost [127.0.0.1])
\r
5 by olra.theworths.org (Postfix) with ESMTP id 81982431FB6
\r
6 for <notmuch@notmuchmail.org>; Mon, 20 Dec 2010 10:22:30 -0800 (PST)
\r
7 X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
\r
11 X-Spam-Status: No, score=-2.29 tagged_above=-999 required=5
\r
12 tests=[RCVD_IN_DNSWL_MED=-2.3, T_MIME_NO_TEXT=0.01] autolearn=disabled
\r
13 Received: from olra.theworths.org ([127.0.0.1])
\r
14 by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
\r
15 with ESMTP id ETosvHdxrTlK for <notmuch@notmuchmail.org>;
\r
16 Mon, 20 Dec 2010 10:22:29 -0800 (PST)
\r
17 Received: from brinza.cc.columbia.edu (brinza.cc.columbia.edu [128.59.29.8])
\r
18 by olra.theworths.org (Postfix) with ESMTP id 9AABD431FB5
\r
19 for <notmuch@notmuchmail.org>; Mon, 20 Dec 2010 10:22:29 -0800 (PST)
\r
20 Received: from servo.finestructure.net (cpe-74-66-82-137.nyc.res.rr.com
\r
22 (user=jgr2110 author=jrollins@finestructure.net mech=PLAIN bits=0)
\r
23 by brinza.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id oBKIMB3R009561
\r
24 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT);
\r
25 Mon, 20 Dec 2010 13:22:27 -0500 (EST)
\r
26 Received: from jrollins by servo.finestructure.net with local (Exim 4.72)
\r
27 (envelope-from <jrollins@finestructure.net>)
\r
28 id 1PUkN9-0002Md-1n; Mon, 20 Dec 2010 13:22:11 -0500
\r
29 From: Jameson Rollins <jrollins@finestructure.net>
\r
30 To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
\r
31 notmuch <notmuch@notmuchmail.org>
\r
32 Subject: Re: PGP/MIME signature verification
\r
33 In-Reply-To: <4CF15D67.1070904@fifthhorseman.net>
\r
34 References: <4CF15D67.1070904@fifthhorseman.net>
\r
35 User-Agent: Notmuch/0.5 (http://notmuchmail.org) Emacs/23.2.1
\r
37 Date: Mon, 20 Dec 2010 13:22:07 -0500
\r
38 Message-ID: <87aak08fu8.fsf@servo.finestructure.net>
\r
40 Content-Type: multipart/signed; boundary="=-=-=";
\r
41 micalg=pgp-sha256; protocol="application/pgp-signature"
\r
42 X-No-Spam-Score: Local
\r
43 X-Scanned-By: MIMEDefang 2.68 on 128.59.29.8
\r
44 X-BeenThere: notmuch@notmuchmail.org
\r
45 X-Mailman-Version: 2.1.13
\r
47 List-Id: "Use and development of the notmuch mail system."
\r
48 <notmuch.notmuchmail.org>
\r
49 List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
\r
50 <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
\r
51 List-Archive: <http://notmuchmail.org/pipermail/notmuch>
\r
52 List-Post: <mailto:notmuch@notmuchmail.org>
\r
53 List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
\r
54 List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
\r
55 <mailto:notmuch-request@notmuchmail.org?subject=subscribe>
\r
56 X-List-Received-Date: Mon, 20 Dec 2010 18:22:30 -0000
\r
59 Content-Transfer-Encoding: quoted-printable
\r
61 On Sat, 27 Nov 2010 14:35:03 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.=
\r
63 > the signature-verification branch on my git repo [0] contains functional
\r
64 > PGP/MIME signature verification if you supply the --verify argument to
\r
66 > notmuch show --format=3Djson
\r
68 > It relies on gpg being in the path, and on the user having the signer's
\r
69 > key in their gnupg keyring.
\r
71 I was able to merge dkg's signature-verification branch on top of
\r
72 cworth's current master head (b3caef1f) with only a tiny
\r
73 easily-resolvable conflict. It seems to work exactly as advertised, and
\r
74 I wholeheartedly approve and endorse this patch set for inclusion
\r
77 Approved-and-Tested-By: Jameson Rollins <jrollins@finestructure.net>
\r
79 I have pushed a merged "signature-verification" branch to my repo, along
\r
80 with a single commit to fix an errant newline in the json --verify
\r
83 git://finestructure.net/notmuch
\r
85 Carl: can you give an indication of whether or not you intend to
\r
86 ultimately accept this patch set? If so, I would like to start work on
\r
87 representing signature verification information in the emacs UI. I want
\r
88 to make sure that we're good with this effort first, though.
\r
90 We should probably also start a conversation about how best to represent
\r
91 the signature verification info. I'll bring that up in a separate
\r
94 dkg: again, great work on this! Thanks!
\r
96 Next up: decrypting!
\r
101 Content-Type: application/pgp-signature
\r
103 -----BEGIN PGP SIGNATURE-----
\r
104 Version: GnuPG v1.4.10 (GNU/Linux)
\r
106 iQIcBAEBCAAGBQJND57QAAoJEO00zqvie6q8B+EP/3OkJIhqCozdbkoQLmntUC+W
\r
107 tuDCh6NNV7D3JuNSmptRqJEX6mpooOMzFHwE7rt4yBdl8K+w03Vvit44HkxjS/XB
\r
108 6CuHgYe2AHreWV2aLUUd9zFwQNnbXi378MgoyhXsuo7bmeTyn+NhhoKNVWrtXAqx
\r
109 8lhLViJxFtOPqzq3ugdYJXLxwN9Pgx6b7+A9lqLXxv0EEg2s/7xyILzTx25Einxl
\r
110 6X0kK9A14giJN6H9DD5RyOXfdR0xNpLj1WwURXy3gnb4X434rZclxfWq6AAld2c9
\r
111 k7q/V6PsoHKismv7qgAwnR/B4LOmBZEue2Bn2y9m9NkDXf/0mfsxtaWyr6AlFDuW
\r
112 4X611/NForpsY8IBa/s063gAvRERgQFZ4PhFYKr04XipVAtroofg76rcdX/8zunN
\r
113 5t2NRDdVpw6NXK7emkx+m7byxpscuImH/FhIxXoePKD6lvoSJRqprNYXb5jPXwTz
\r
114 wQ3RP736iowKf0f2XS5SMGfnhjfIWaVUWRsidveJUtxxebVPxgnvu3qHhoj2Y6XX
\r
115 KVvkb6YqAqbLkWExF42ZWpbe3UvlXYbVe6aIFd8/H/qv7W+8uTlU3sjJ0w0PiEwH
\r
116 3pS9qgbk6hsfK84cUdBdg9xsqTcNC4UenlUNV2hbGUU911lZltU+FCzfODy6Jco1
\r
117 vhJy3AQ26iYTWCOmO3iL
\r
119 -----END PGP SIGNATURE-----
\r