From: Jeremy Nickurak
To: David Bremner
Cc: Notmuch Mailing List, Daniel Kahn Gillmor
Subject: Re: Feature suggestion. Indexing encrypted mail?
Date: Sat, 5 Apr 2014 12:35:14 -0600
In-Reply-To: <878urj1z3j.fsf@maritornes.cs.unb.ca>
References: <86k3b3ybo6.fsf@someserver.somewhere> <878urj1z3j.fsf@maritornes.cs.unb.ca>

Off the top of my head, you could have an encrypted index too, which you can
only search while able to decrypt. Certainly another level of complexity.

On Sat, Apr 5, 2014 at 11:10 AM, David Bremner wrote:
> john.wyzer@gmx.de writes:
>
> > Would it be possible to add the configurable option to also decrypt
> > encrypted messages on the fly while indexing to make them searchable,
> > too?
> >
> > That would be really great for people that consider gnupg mainly an
> > encryption for transport or have their complete hard drive encrypted...
>
> As far as I understand an attacker could reconstruct the message from the
> index, so one question is whether the extra complexity in notmuch is
> worth the minimal extra security over decrypting on delivery and storing
> plaintext on the (presumably encrypted) disk. Of course decrypting on
> delivery may be inconvenient (or impossible). I have CCed the two people
> who have implemented most of the crypto related stuff in notmuch so they
> can comment.
>
> d
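Why a cleartext index has to be protected like the plaintext itself, as an added illustration that is not part of the original thread and not notmuch's code: a toy positional inverted index (term, document, positions, which is the information any index needs to answer phrase searches) is built over a constructed sample body, and the token stream is then recovered from the index alone. The function names and sample text are assumptions, and this is not Xapian's on-disk format.

```python
import re
from collections import defaultdict

TOKEN = re.compile(r"[a-z0-9']+")


def build_positional_index(doc_id, text, index=None):
    """Index text as term -> doc_id -> [positions], as phrase search requires."""
    index = defaultdict(lambda: defaultdict(list)) if index is None else index
    for pos, term in enumerate(TOKEN.findall(text.lower())):
        index[term][doc_id].append(pos)
    return index


def reconstruct(index, doc_id):
    """Rebuild one document's token stream using nothing but the index."""
    slots = {}
    for term, postings in index.items():
        for pos in postings.get(doc_id, ()):
            slots[pos] = term
    return " ".join(slots[p] for p in sorted(slots))


def bag_of_words(index, doc_id):
    """What still leaks if positions are dropped: every term in the document."""
    return sorted(t for t, postings in index.items() if doc_id in postings)


# Constructed sample: the cleartext a decrypt-while-indexing option
# would hand to the indexer after decrypting an encrypted message.
DECRYPTED_BODY = "Meet me at the north gate at nine. Bring the signed contract."

INDEX = build_positional_index("msg-1", DECRYPTED_BODY)
# A second, unrelated message sharing some terms, to show per-document recovery.
INDEX = build_positional_index(
    "msg-2", "Unrelated message about the gate schedule.", INDEX
)

if __name__ == "__main__":
    print(reconstruct(INDEX, "msg-1"))
    print(bag_of_words(INDEX, "msg-1"))
```

Only case and punctuation are lost in the round trip, which is why the index needs the same at-rest protection (encrypted disk or an encrypted index) as decrypted message files.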