Return-Path: <jrollins@finestructure.net>
X-Original-To: notmuch@notmuchmail.org
Delivered-To: notmuch@notmuchmail.org
Received: from localhost (localhost [127.0.0.1])
	by olra.theworths.org (Postfix) with ESMTP id 59174431FB6
	for <notmuch@notmuchmail.org>; Thu,  3 Feb 2011 12:34:33 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at olra.theworths.org
X-Spam-Flag: NO
X-Spam-Score: -2.29
X-Spam-Level: 
X-Spam-Status: No, score=-2.29 tagged_above=-999 required=5
	tests=[RCVD_IN_DNSWL_MED=-2.3, T_MIME_NO_TEXT=0.01] autolearn=disabled
Received: from olra.theworths.org ([127.0.0.1])
	by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id SHlHS51gceVN for <notmuch@notmuchmail.org>;
	Thu,  3 Feb 2011 12:34:32 -0800 (PST)
Received: from brinza.cc.columbia.edu (brinza.cc.columbia.edu [128.59.29.8])
	by olra.theworths.org (Postfix) with ESMTP id A9D2E431FB5
	for <notmuch@notmuchmail.org>; Thu,  3 Feb 2011 12:34:32 -0800 (PST)
Received: from servo.finestructure.net
	(adsl-69-106-236-138.dsl.pltn13.pacbell.net [69.106.236.138])
	(user=jgr2110 author=jrollins@finestructure.net mech=PLAIN bits=0)
	by brinza.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id p13KYPQT021364
	(version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT);
	Thu, 3 Feb 2011 15:34:26 -0500 (EST)
Received: from jrollins by servo.finestructure.net with local (Exim 4.72)
	(envelope-from <jrollins@finestructure.net>)
	id 1Pl5sm-0005bT-PW; Thu, 03 Feb 2011 12:34:24 -0800
From: Jameson Rollins <jrollins@finestructure.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
	notmuch <notmuch@notmuchmail.org>
Subject: Re: new "crypto" branch providing full PGP/MIME support
In-Reply-To: <4D4B0761.7040603@fifthhorseman.net>
References: <4CF15D67.1070904@fifthhorseman.net>
	<87aak08fu8.fsf@servo.finestructure.net>
	<87fwsf9mip.fsf@servo.finestructure.net>
	<87tygl29vu.fsf@servo.finestructure.net>
	<87hbclkrvh.fsf@algae.riseup.net>
	<4D4B0761.7040603@fifthhorseman.net>
User-Agent: Notmuch/0.5-91-gbfa2e94 (http://notmuchmail.org) Emacs/23.2.1
	(i486-pc-linux-gnu)
Date: Thu, 03 Feb 2011 12:34:20 -0800
Message-ID: <8739o4luwj.fsf@servo.finestructure.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha256; protocol="application/pgp-signature"
X-No-Spam-Score: Local
X-Scanned-By: MIMEDefang 2.68 on 128.59.29.8
X-BeenThere: notmuch@notmuchmail.org
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: "Use and development of the notmuch mail system."
	<notmuch.notmuchmail.org>
List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>
List-Archive: <http://notmuchmail.org/pipermail/notmuch>
List-Post: <mailto:notmuch@notmuchmail.org>
List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>
List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,
	<mailto:notmuch-request@notmuchmail.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Feb 2011 20:34:33 -0000

--=-=-=
Content-Transfer-Encoding: quoted-printable

On Thu, 03 Feb 2011 14:52:01 -0500, Daniel Kahn Gillmor <dkg@fifthhorseman.=
net> wrote:
> On 02/03/2011 11:25 AM, micah anderson wrote:
> > 1. I personally think notmuch-show-process-pgpmime should default to
> > true
>=20
> note that with it set to false, you can still M-RET (instead of RET) on
> an item in the summary window to have it set for that particular view.

This is also useful if you set notmuch-show-process-pgpmime and ever
come across a message that is causing crypto problems.  M-RET will
return you to the normal view.

> > 3. i'm not sure expired/revoked keys are handled properly - tested on a
> > message that was encrypted by a key that was revoked and got "End of
> > file during parsing"
>=20
> when you say "encrypted by" do you mean "encrypted to"?  do you have
> access to the corresponding secret key?

I also seem to be noticing issues with revoked keys.  I'm looking in to
the issue.  If anyone else notices something similar, please do relay
your experience.

> > 4. messages that I sent encrypted to someone are not also encrypted to
> > myself, which means that a thread which contains my replies isn't able
> > to decrypt my messages in that thread and results in a purple
> > 'decryption error'. Perhaps this is an emacs UI tweak that needs to be
> > made to get messages also encrypted to my own key?
>=20
> this is an issue for the emacs message modes (or maybe for your gpg
> configuration), not for notmuch.
>=20
> You either want to fix this in your emacs config by putting your
> fingerprint into mml2015-signers and setting mml2015-encrypt-to-self
>=20
> Or you want to set gpg's default-recipient-self option  (and
> default-recipient option if you hold more than one secret key and want
> to be sure it chooses the right one)

Actually, I think the gpg option we're looking for here is
"encrypt-to".  "default-recipient-self" sets the recipient only if none
other is specified.  I just set "encrypt-to <mykeyid>" in my gpg.conf
and it seems to do as expected (all encrypted messages are also
encrypted to myself).

jamie.

--=-=-=
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJNSxFMAAoJEO00zqvie6q83/cP/jOdDOV8jTpLPR3+kpyNNvuT
vmbRJwzEALfwgmiwcN6WJy0i0g5keGlXouLWuedrYbLViSikIMdikNEaHSwXfxIq
GGHGbGyOC+W5IzFgChTajWiiKeH2o5vbicyVF5eshy64YQyqc0W3206Yqb3L9cpH
jnlfxa1XXFAoWOiKndGJEkcjFTSG9N11CMk6VJ9aMxHUKIpciL4aUFobbO7b2Eak
Bg8B507H6F5R0mdyFL/n4LKtUfvZ71Hbk1u8IIdJ7+e3O6ER1uUDMwXBgjctcbL5
n91hQQUhX30/Xv/CicFh5egqUU4vHA2ilUdZ629eqeCAW0W9GvpKMu2F4eQJtSJG
ZfxKaqTCWIRJ6iFJwGhFOQUM9AVRH60XVVhEvD19nrrmBs1F83sF1hFRLx5V10Zb
MF51+dV4uDCfy0/uNcnBt97tGa82+WO5XqJqafpGTShVOQM1ytF164t1QB/zfW8z
wADAXOk9gJUK4e+iZITo1Am2P78OVk0jaX0QAlmtk/GYlWDr+Vkeonip0Ac2gkcL
0K81ZUEDO2Vcc8LGNr/cgwSVNrZmyQy0bDjfAcjbVU0la3/x+CoxAocPqH9DCZCK
ZXT4n7xLHA43i4ykNCQuvhxO7wxKXbPgEtWcaB7xd4npFePWOBhH7MsB78u54XIZ
5lPI774OeWAg6mos7NWe
=7zuF
-----END PGP SIGNATURE-----
--=-=-=--