Return-Path: <john.wyzer@gmx.de>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 49487431FC0
	for <notmuch@notmuchmail.org>; Sat,  5 Apr 2014 12:08:51 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: 0.001
X-Spam-Level: 
X-Spam-Status: No, score=0.001 tagged_above=-999 required=5
	tests=[FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001]
	autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id cOhhRZ4ZPrtA for <notmuch@notmuchmail.org>;
	Sat,  5 Apr 2014 12:08:46 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by olra.theworths.org (Postfix) with ESMTPS id 43CA7431FAF
	for <notmuch@notmuchmail.org>; Sat,  5 Apr 2014 12:08:46 -0700 (PDT)
Received: from localhost ([77.12.75.61]) by mail.gmx.com (mrgmx101) with
	ESMTPSA (Nemesis) id 0MHLNn-1WkYDi1cqB-00E28X; Sat, 05 Apr 2014 21:03:21
	+0200
From: john.wyzer@gmx.de
To: Jeremy Nickurak <not-much@trk.nickurak.ca>,
	David Bremner <david@tethera.net>
Subject: Re: Feature suggestion. Indexing encrypted mail?
In-Reply-To:
 <CA+eQo_3AFofQ3gSxvce2e_d5bbaT_e00zA30xeyOxbYCpQhsNA@mail.gmail.com>
References: <86k3b3ybo6.fsf@someserver.somewhere>
	<878urj1z3j.fsf@maritornes.cs.unb.ca>
	<CA+eQo_3AFofQ3gSxvce2e_d5bbaT_e00zA30xeyOxbYCpQhsNA@mail.gmail.com>
User-Agent: Notmuch/0.17 (http://notmuchmail.org) Emacs/24.3.1
	(x86_64-pc-linux-gnu)
Date: Sat, 05 Apr 2014 21:03:04 +0200
Message-ID: <86ha67y4yf.fsf@someserver.somewhere>
MIME-Version: 1.0
Content-Type: text/plain
X-Provags-ID: V03:K0:UDP3DQJ1j8rgyGGxu6kOUsUOKE+hUouKekpazcWt/RfFkKmgFgD
	thuM+XstpKWyL5En+mBHu+s/kcXAQYk348Br0/mSiRvGAN21vOD9Xwz9h5S4bbuMT/jgZ8t
	+2jgyNa6If+Cy6tFrXUyYWe0sT1yaAFJkj8aExb4eHTSnC8rDclXCSgrKIBB20pzK3E84vZ
	PfncMu1YSVLJFBTnH4eRg==
Cc: Notmuch Mailing List <notmuch@notmuchmail.org>,
	Daniel Kahn Gillmor <dkg@debian.org>
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Apr 2014 19:08:51 -0000

Jeremy Nickurak <not-much@trk.nickurak.ca> writes:

> Off the top of my head, you could have an encrypted index too, which you
> can only search while able to decrypt. Certainly another level of
> complexity.
>

But why add so much complexity? 

If a user decides that either transport security is enough or
additionally the hard disk is encrypted (why store an encrypted index on
an encrypted hard disk?), said user could just switch on an option in
the notmuch configuration that causes notmuch to ask for the password
before or while indexing new messages and to add decrypted messages to the
normal index as well.


The level of security would be up to the user by means of said
configuration option and those that want the convenience of searching
encrypted messages could have it.

Personally I would argue that if an attacker has the means to access the
content of my hard disk either via the network or physically, there is
no difference between having whole disk encryption and storing an
encrypted index...