On 14:41, Fri 08 Jan 10, micah anderson wrote: > On Fri, 8 Jan 2010 10:21:21 +0100, Ruben Pollan <[email protected]> wrote: > > On 15:56, Fri 08 Jan 10, martin f krafft wrote: > > > How about indexing GPG-encrypted messages? > > > > I think that would be security hole. You should not store the > > encrypted messages on a decrypted database. A solution whould be to > > encrypt as well the xapian DB, but I think is too complex for the use. > > Would you consider it a security hole if you stored your database on > encrypted media (such as on-disk block encryption)?
No, in this case should be not a security hole. But anyway what is secure and what not should be defined by the user. For some users may not be a security hole to store the email decrypted. But I think notmuch by default should not do so. This kind of things should be something that the user activate by hand knowing what she is doing. > I know that sup does this, when it ran over my mail store, it would > trigger my gpg agent so that it could decrypt the encrypted > messages. This was annoying because this happened every time it ran, > which meant that unless I had used gpg recently, my agent would pop up > and ask me for my passphrase, which was often. I didn't use sup. Don't know how it works. But that feature is technically possible. As I said before in my personal opinion that should not be the out-of-the-box behavior. > The way Mutt provides this functionality is by decrypting only when you > perform the search itself. Yes, but notmuch can not do that. notmuch indexes the messages and mutt not. -- Rubén Pollán | jabber:[email protected] -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Lo hago para no volverme loco cuando noto que solo me queda un demonio en un hombro por que se ha cortado las venas el ángel que había en el otro.
signature.asc
Description: Digital signature
_______________________________________________ notmuch mailing list [email protected] http://notmuchmail.org/mailman/listinfo/notmuch
