On Sun, Jan 31 2016, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote:
> This is the third draft of the series initially announced in > id:1449718786-28000-1-git-send-email-...@fifthhorseman.net (second > draft was in > id:1453258369-7366-1-git-send-email-...@fifthhorseman.net). It > differs from v2 in that it incorporates the recent improvements in > detecting and processing S/MIME signatures. Looks pretty good. Nothing to bikeshed. Did not run tests yet. Tomi > > From the v2 description: > >> Notmuch currently doesn't index the cleartext of encrypted mail. This >> is the right choice by default, because the index is basically >> cleartext-equivalent, and we wouldn't want every indexed mailstore to >> leak the contents of its encrypted mails. >> >> However, if a notmuch user has their index in a protected location, >> they may prefer the convenience of being able to search the contents >> of (at least some of) their encrypted mail. >> >> This series of patches enables notmuch to index the cleartext of >> specific encrypted messages when they're being added via "notmuch new" >> or "notmuch insert", via a new --try-decrypt flag. >> >> If --try-decrypt is used, and decryption is successful for part of a >> message, the message gets an additional "index-decrypted" tag. If >> decryption of part of a message fails, the message gets an additional >> "index-decryption-failed" tag. > > v2 addresses the concerns raised from the helpful feedback on the > previous series, and adds a notmuch_indexopts_t object that can be > used to declare options for indexing messages, including a > "try_decrypt" boolean. > > Additionally, this series adds a new function to libnotmuch: > > notmuch_message_reindex (notmuch_message_t *message, > notmuch_indexopts_t *indexopts) > > Which allows user of the library to adjust the indexing options of a > given message. > > The CLI is additionally augmented with a new notmuch subcommand, > "notmuch reindex", which also has a --try-decrypt flag. > > So a user who has their message index stored securely and wants to > index the cleartext of all encrypted messages they've received can do > something like: > > notmuch reindex --try-decrypt tag:encrypted and not tag:index-decrypted > > Or can clear all indexed cleartext from their database with: > > notmuch reindex tag:encrypted and tag:index-decrypted > > > _______________________________________________ > notmuch mailing list > notmuch@notmuchmail.org > https://notmuchmail.org/mailman/listinfo/notmuch _______________________________________________ notmuch mailing list notmuch@notmuchmail.org https://notmuchmail.org/mailman/listinfo/notmuch