Return-Path: <m.walters@qmul.ac.uk>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 2468E431FBC
	for <notmuch@notmuchmail.org>; Mon,  7 Apr 2014 14:06:36 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -1.098
X-Spam-Level: 
X-Spam-Status: No, score=-1.098 tagged_above=-999 required=5
	tests=[DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001,
	NML_ADSP_CUSTOM_MED=1.2, RCVD_IN_DNSWL_MED=-2.3] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Pa8UFgxu0Qgb for <notmuch@notmuchmail.org>;
	Mon,  7 Apr 2014 14:06:32 -0700 (PDT)
Received: from mail2.qmul.ac.uk (mail2.qmul.ac.uk [138.37.6.6])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by olra.theworths.org (Postfix) with ESMTPS id 13DE2431FB6
	for <notmuch@notmuchmail.org>; Mon,  7 Apr 2014 14:06:32 -0700 (PDT)
Received: from smtp.qmul.ac.uk ([138.37.6.40])
	by mail2.qmul.ac.uk with esmtp (Exim 4.71)
	(envelope-from <m.walters@qmul.ac.uk>)
	id 1WXGkA-0000NS-7Q; Mon, 07 Apr 2014 22:06:16 +0100
Received: from [138.37.84.75] (helo=localhost)
	by smtp.qmul.ac.uk with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.71)
	(envelope-from <m.walters@qmul.ac.uk>)
	id 1WXGk9-0003BB-Sh; Mon, 07 Apr 2014 22:06:13 +0100
From: Mark Walters <markwalters1009@gmail.com>
To: Jeremy Nickurak <not-much@trk.nickurak.ca>,
	Jameson Graef Rollins <jrollins@finestructure.net>
Subject: Re: Feature suggestion. Indexing encrypted mail?
In-Reply-To:
 <CA+eQo_3hUAc3uMWw6Hb2JLBATiBDS96GozCa5jqT_1sWz1Y=hQ@mail.gmail.com>
References: <86k3b3ybo6.fsf@someserver.somewhere>
	<878urj1z3j.fsf@maritornes.cs.unb.ca>
	<87txa7pp8z.fsf@servo.finestructure.net>
	<20140406091516.GG26903@vilya.m0g.net>
	<5341D252.90405@fifthhorseman.net>
	<867g71y327.fsf@someserver.somewhere>
	<87ob0dnndk.fsf@servo.finestructure.net>
	<CA+eQo_3hUAc3uMWw6Hb2JLBATiBDS96GozCa5jqT_1sWz1Y=hQ@mail.gmail.com>
User-Agent: Notmuch/0.15.2+615~g78e3a93 (http://notmuchmail.org) Emacs/23.4.1
	(x86_64-pc-linux-gnu)
Date: Mon, 07 Apr 2014 22:06:13 +0100
Message-ID: <87d2gsonne.fsf@qmul.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Sender-Host-Address: 138.37.84.75
X-QM-Geographic: According to ripencc,
	this message was delivered by a machine in Britain (UK) (GB).
X-QM-SPAM-Info: Sender has good ham record.  :)
X-QM-Body-MD5: 4a30019b1195bcf368810456a706d6b8 (of first 20000 bytes)
X-SpamAssassin-Score: 0.0
X-SpamAssassin-SpamBar: /
X-SpamAssassin-Report: The QM spam filters have analysed this message to
	determine if it is
	spam. We require at least 5.0 points to mark a message as spam.
	This message scored 0.0 points. Summary of the scoring: 
	* 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
	provider *      (markwalters1009[at]gmail.com)
X-QM-Scan-Virus: ClamAV says the message is clean
Cc: Notmuch Mailing List <notmuch@notmuchmail.org>,
	Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
	Daniel Kahn Gillmor <dkg@debian.org>
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Apr 2014 21:06:36 -0000


On Mon, 07 Apr 2014, Jeremy Nickurak <not-much@trk.nickurak.ca> wrote:
> Nonetheess, if you can tell from the index that a given message contains
> the words "hotel" "wine" "wife" "secret" and "rendezvous", you can infer a
> *lot* about the contents of encrypted contents of the message.

I think it is worse that that: I think (from what people said on irc
some time ago) that the index contains the word and the position of that
word so essentially the whole message can be reconstructed from the
index.

Best wishes

Mark



>
>
> On Mon, Apr 7, 2014 at 9:57 AM, Jameson Graef Rollins <
> jrollins@finestructure.net> wrote:
>
>> On Mon, Apr 07 2014, john.wyzer@gmx.de wrote:
>> >> confess i haven't been following closely), it wouldn't be much extra
>> >> effort for someone to implement a filter that strips encryption from the
>> >> message.  (this might still have the problem mentioned above about also
>> >> stripping PGP/MIME signatures, but the signatures and the decrypted
>> >> message itself would remain intact so they could be shown directly by
>> >> notmuch show without trouble).
>> >
>> > I don't understand that. :-(
>> > This sounds as if the view of the message is not generated from the
>> > mail storage. Isn't the purpose of the index to find the appropriate
>> > message file and everything else is generated from that file?
>>
>> I think that's exactly what Daniel is saying: what's viewed comes from
>> the message directly, and not from the db.
>>
>> jamie.
>>
>> _______________________________________________
>> notmuch mailing list
>> notmuch@notmuchmail.org
>> http://notmuchmail.org/mailman/listinfo/notmuch
>>
>>
> _______________________________________________
> notmuch mailing list
> notmuch@notmuchmail.org
> http://notmuchmail.org/mailman/listinfo/notmuch