From: micah anderson
To: Jameson Rollins, notmuch
Subject: Re: new "crypto" branch providing full PGP/MIME support
Date: Thu, 03 Feb 2011 11:25:06 -0500

On Wed, 02 Feb 2011 17:18:45 -0800, Jameson Rollins wrote:
> Hi, all. I have pushed a new branch called "crypto" to my notmuch
> repository [0]. This branch provides full support for PGP/MIME signed
> and encrypted messages, including emacs UI support. It has been applied
> on top of cworth's current master (21e97c50). It includes the
> following:
>
> * David Edmondson's improved multipart handling patch series (cherry-picked)
> * Daniel Gillmor's PGP/MIME signature verification patch series (cherry-picked)
> * my PGP/MIME decryption+verification patch series
> * a test suite for signature verification and decryption
> * emacs support for the above

Don't forget that you also included man page changes!

> Please test and provide feedback. I would really like to see this
> series merged into the mainline for the next release, if at all
> possible.

I've really really really wanted this functionality, so I pulled this
right away and have been testing it, it's really slick! I like how the
emacs UI gives you good visual feedback for different signature states
(I had red for a signature from Sebastian Spaeth because I did not have
the key; orange for when I obtained that key; and green for Jameson and
dkg's mails because I have exchanged keys with them and have full
validity for them; and purple for a decryption error). The minor delay
in opening a thread with signatures is not bad, and is to be expected.
And messages that are PGP/MIME encrypted are decrypted automatically,
wow, this is amazing.

I enthusiastically support merging this into mainline for the next
release. I have a couple points of feedback that I do not think should
hold up merging this work:

1. I personally think notmuch-show-process-pgpmime should default to
   true

2. in-line pgp messages don't have any processing done on them. getting
   the mime-encoded processing work is a huge step and I'm happy that
   works, in-line can (and IMHO, should) come later

3. I'm not sure expired/revoked keys are handled properly - tested on a
   message that was encrypted by a key that was revoked and got "End of
   file during parsing"

4. messages that I sent encrypted to someone are not also encrypted to
   myself, which means that a thread which contains my replies isn't
   able to decrypt my messages in that thread and results in a purple
   'decryption error'. Perhaps this is an emacs UI tweak that needs to
   be made to get messages also encrypted to my own key?

5. unknown keys are represented in a long format, e.g.
   '0x5585F58CC827A062' when most tools represent them just with their
   shortened keyid (in this case this one would be: 0xC827A062), is
   there a particular reason for this? I recognize some people's keyids
   in the short form, but do not in the longform.

6. this is awesome, huge thanks to everyone who has worked on this!

micah