From: Jameson Graef Rollins
To: Jani Nikula, notmuch@notmuchmail.org
Subject: Re: [PATCH] emacs: sign/encrypt replies to signed/encrypted messages
In-Reply-To: <1396689486-19232-1-git-send-email-jani@nikula.org>
Date: Sun, 06 Apr 2014 23:16:26 -0700
Message-ID: <8738hppsud.fsf@servo.finestructure.net>

On Sat, Apr 05 2014, Jani Nikula wrote:
> This is a simple approach to improving security when replying to
> signed or encrypted messages. If the message being replied to was
> signed, add mml tag to sign the reply. If the message being replied to
> was encrypted, add mml tag to sign and encrypt the reply.

Jani, thank you so much for this patch! This is really great, and I
very much appreciate your work on it.

I've tested it and so far it does exactly as advertised: replies to
encrypted messages automatically get the correct mml tags to encrypt
the reply. I sign all messages by default, and it doesn't seem to
interact adversely with that configuration afaict.

> This may need configuration; I for one might want to encrypt replies
> to encrypted messages, but not always sign replies to signed messages.
>
> This still includes a slight bug: if any mml tags are added, they are
> included in the region containing the quoted parts. Killing the region
> will kill the mml tags too.

Both of these issues seem pretty minor to me.
It certainly gets my vote to push without these additional features
(especially considering the security benefits).

I just have one comment below:

> diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el > index ba3ef275ec5e..9fb84b57b030 100644 > --- a/emacs/notmuch-mua.el > +++ b/emacs/notmuch-mua.el 
> @@ -224,7 +233,10 @@ list." > (set-mark (point)) > (goto-char start) > ;; Quote the original message according to the user's configured style. > - (message-cite-original)))) > + (message-cite-original))) > + > + ;; Sign and/or encrypt replies to signed and/or encrypted messages. > + (notmuch-mua-reply-crypto (plist-get original :body)))

Maybe we should check to see if crypto processing is activated before
adding this additional crypto handling. I would have guessed we might
want something like this instead:

    (when notmuch-show-process-crypto
      (notmuch-mua-reply-crypto (plist-get original :body))))

However, for some reason I can't get this to work. It looks like
notmuch-show-process-crypto keeps evaluating to false in this context,
regardless of whether crypto processing has been engaged. I'm unclear
why.

Anyone know how notmuch-show-process-crypto would evaluate to false
here, even when it evaluates to true earlier in the same
notmuch-mua-reply call?

jamie.
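Review bot: the `notmuch-mua-reply-crypto` call added at the end of the hunk runs unconditionally on every reply, so there is no way to opt out of automatic signing, which the patch description itself flags ("This may need configuration"). Consider guarding the call with a user option, and extend the `;; Sign and/or encrypt replies ...` comment to say what the function does when `(plist-get original :body)` carries no signature or encryption status, so it is clear whether a reply to an encrypted message can go out without the encrypt tag.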