Return-Path: X-Original-To: notmuch@notmuchmail.org Delivered-To: notmuch@notmuchmail.org Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id 6020740DDE6 for ; Sat, 13 Nov 2010 08:00:41 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, UNPARSEABLE_RELAY=0.001] autolearn=ham Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lBPvlS+2OlJq for ; Sat, 13 Nov 2010 08:00:30 -0800 (PST) Received: from rodolpho.mayfirst.org (mail.freitas.net [209.234.253.107]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by olra.theworths.org (Postfix) with ESMTPS id DA36240DDC7 for ; Sat, 13 Nov 2010 08:00:29 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by rodolpho.mayfirst.org (Postfix) with ESMTP id 9D9B23CD5C for ; Sat, 13 Nov 2010 11:00:24 -0500 (EST) X-Virus-Scanned: Debian amavisd-new at rodolpho.mayfirst.org Received: from rodolpho.mayfirst.org ([127.0.0.1]) by localhost (rodolpho.mayfirst.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qVoAAbSAyFnL for ; Sat, 13 Nov 2010 11:00:24 -0500 (EST) Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: smtpauth@rodolpho.mayfirst.org) with ESMTPSA id 67DF93CD58 Message-ID: <4CDEB613.3080005@fifthhorseman.net> Date: Sat, 13 Nov 2010 11:00:19 -0500 From: Daniel Kahn Gillmor User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.9) Gecko/20100918 Icedove/3.1.4 MIME-Version: 1.0 To: notmuch Subject: Re: a proposed change to JSON output to report verification of PGP/MIME signatures. References: <4CDE4486.2050101@fifthhorseman.net> <87d3q91mf7.fsf@zancas.localnet> In-Reply-To: <87d3q91mf7.fsf@zancas.localnet> X-Enigmail-Version: 1.1.2 OpenPGP: id=D21739E9 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig6789897A68EE7D50C4C9FC7E" X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: notmuch List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Nov 2010 16:00:41 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig6789897A68EE7D50C4C9FC7E Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Thanks for the reply, David! On 11/13/2010 06:40 AM, David Bremner wrote: > Are both the forward and backward pointers needed? Technically, only the "signs" pointer is needed, i guess. I had included the "signedby" pointer so that frontends which process the list linearly know that a signed part will be referred to later by one or more signatures. If you think that's not actually useful, i'd be happy to drop the "signedby" pointer. What do other people think? >> Would it make more sense to do deeper structural modifications of the >> json output (e.g. return the full MIME tree instead of a list of parts= ) >> than to go with the current proposal? >=20 > Yeah, this occured to me too, especially since I think David Edmondson > has some changes in mind to support better handling of > multipart/alternative parts. Another related concern that occurred to me is that parts E and F in my example mail are technically part of the aggregate that is signed by I, but they apparently the end-user won't even know they exist (unless the frontend uses "notmuch show --format=3Dmbox"). This seems problematic if the message headers of the included message have relevance to the content. e.g. an e-mail that says "here's the phishing attempt i received" (Received: would be relevant) or "Look at the nasty things this guy said!" (From:, Subject:, and Date: would be relevant at least). David Edmonson, i'd be interested in hearing your proposal for restructuring the output to see how it might interact with my pieces here= =2E I also found it interesting to consider the range of possible non-leaf MIME types: https://secure.wikimedia.org/wikipedia/en/wiki/MIME#Multipart_messages http://www.iana.org/assignments/media-types/multipart/ --dkg --------------enig6789897A68EE7D50C4C9FC7E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJM3rYTAAoJEMzS7ZTSFznpn1oQAI+ASDXiCIU3H5AirGtgJVGV KApUy3chU3J0iPAaFfHapS1HyTLlgNwfH6hoNNjVAa2DqLjXi9xHFF/SyeLCY9nG eCS7gWYKzop//i7APiKn25FvzkHJRKX0DCer/flafmlxjHMA42nkUDI0Eqv9KNa7 kW4i0vhRDK+slP+WNsUla1r5DsUnaDHjX5ojLvv7S+Ej6hzmsssZTuvFzA4gv3yR M02n4cSewjM6kgcF6sKsONhTpZLN2saP7zlPuW9PEGIgwKb1MuZewT9PLJt42Cw+ m/fc6tBFGyXx+q/889FMSCz1MTS26rAioopG8DTK04SoAnv0+68nPQwhTQJiRMZ+ DwxfSdrdYovYC97wKPV55hR9KjUtbFv/ApGJqduAQXe2jSKNcppoekOU9PJqjcWf Pj4FpwZRtgVxNdVRKUVX1QbL9jbU4PCVTSHEvSExhITQ+km/H5u84ALxZ+nr0NV9 +L3E4NPxMowWBdYs+0GqsshGMFVNft+TKmQpWEqRA9Chua1qDqLFWwUjeDb7fp2w xAt2aA1K6n1Q/nvr5+eNQKB1QFwPgQxCkBw+IZM4eJ8ud+HZlu5OqjMA5rcckoeb 2/FLHmCy6yTvwlQM/2EjiqsGpuDZYJDZUMoDd3qF5zvQ4ZcPBIf72yVjYryqc13B kmeeaFcC1NHw3FFBGYP/ =hWfm -----END PGP SIGNATURE----- --------------enig6789897A68EE7D50C4C9FC7E--