Return-Path: X-Original-To: notmuch@notmuchmail.org Delivered-To: notmuch@notmuchmail.org Received: from localhost (localhost [127.0.0.1]) by arlo.cworth.org (Postfix) with ESMTP id 4091C6DE0A9A for ; Fri, 11 Dec 2015 14:05:11 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at cworth.org X-Spam-Flag: NO X-Spam-Score: 0.697 X-Spam-Level: X-Spam-Status: No, score=0.697 tagged_above=-999 required=5 tests=[AWL=0.045, SPF_NEUTRAL=0.652] autolearn=disabled Received: from arlo.cworth.org ([127.0.0.1]) by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vUPSW1kvWmcm for ; Fri, 11 Dec 2015 14:05:09 -0800 (PST) Received: from guru.guru-group.fi (guru.guru-group.fi [46.183.73.34]) by arlo.cworth.org (Postfix) with ESMTP id 8A8BC6DE005F for ; Fri, 11 Dec 2015 14:05:09 -0800 (PST) Received: from guru.guru-group.fi (localhost [IPv6:::1]) by guru.guru-group.fi (Postfix) with ESMTP id 1E2D410004A; Sat, 12 Dec 2015 00:05:20 +0200 (EET) From: Tomi Ollila To: Daniel Kahn Gillmor , Notmuch Mail Subject: Re: allow indexing cleartext of encrypted messages In-Reply-To: <87zixhgfsu.fsf@alice.fifthhorseman.net> References: <1449718786-28000-1-git-send-email-dkg@fifthhorseman.net> <87zixhgfsu.fsf@alice.fifthhorseman.net> User-Agent: Notmuch/0.21+32~g73439f8 (http://notmuchmail.org) Emacs/24.3.1 (x86_64-unknown-linux-gnu) X-Face: HhBM'cA~ MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2015 22:05:11 -0000 On Fri, Dec 11 2015, Daniel Kahn Gillmor wrote: > On Wed 2015-12-09 22:39:37 -0500, Daniel Kahn Gillmor wrote: >> * the libnotmuch API is extended with >> notmuch_database_add_message_try_decrypt(). This should probably >> ultimately be more general, because there are a few additional >> knobs that i can imagine fiddling at indexing time. For example: >> >> * verifying cryptographic signatures and storing something about >> those verifications in the notmuch db >> >> * extracting OpenPGP session key information for a given message >> and storing it in a lookaside table in the notmuch db, so that >> it's possible to securely destroy old encryption-capable keys >> and still have local access to the cleartext of the remaining >> messages. >> >> Some of these additional features might be orthogonal to one >> another as well. I welcome suggestions for how to improve the API >> so that we don't end up with a combinatorial explosion of >> n_d_add_message_foo() functions. > > I have a proposal for how to do this better: > > I'll introduce a notmuch_index_options_t, with the usual constructors > and destructors and a couple functions: > > notmuch_index_options_set_try_decrypt() > notmuch_index_options_get_try_decrypt() > notmuch_index_options_set_gpg_path() > notmuch_index_options_get_gpg_path() > > Then i'll add: > > notmuch_database_add_message_with_options(db, fname, options, &message) > > If we add new indexing features, they can be set directly in the > index_options object (including features that might be more complex than > a string or a bool, like a chain of command-line filters). > > a few nice features of this approach: > > * The user of the library can craft a set of index options and repeat > it easily, and the options can contain cached/lazily-initialized > things (like GMimeCryptoContexts) if needed. > > * The user can index different messages with different options if they > prefer (no need to set the options on the database object itself) > > * the capability of the indexing features in the library is visible > directly in the exposed API. > > any thoughts on this? sounds good (on paper) (*) > > --dkg Tomi (*) deliberately declined to write 'looks good' >;) (but it's good)