Header encryption / memoryhole

classic Classic list List threaded Threaded
3 messages Options
Varac Varac
Reply | Threaded
Open this post in threaded view
|

Header encryption / memoryhole

Hi,

I'd like to know the state of header encryption support for
notmuch (aka memoryhole) [1].
Since enigmail 2.0 is able to encrypt certain mail headers like
subject i.e. if GPG-encryption is used, more and more mails
show up in my mailbox with the subject "Encrypted message".
That's great, people adopt it!

The "Implementations" sections of [1] says:

"notmuch: Memory Hole for parsing is under development, notmuch doesn't generate
emails."

Can somebody please clarify the state here please ?
It would be great if notmuch could support it.

Greetings, Varac

[1] https://github.com/autocrypt/memoryhole

_______________________________________________
notmuch mailing list
[hidden email]
https://notmuchmail.org/mailman/listinfo/notmuch

signature.asc (817 bytes) Download Attachment
Daniel Kahn Gillmor Daniel Kahn Gillmor
Reply | Threaded
Open this post in threaded view
|

Header protection / memoryhole [was: Re: Header encryption / memoryhole]

On Mon 2018-04-02 18:58:28 +0200, Varac wrote:

> I'd like to know the state of header encryption support for
> notmuch (aka memoryhole) [1].

"memoryhole" refers to "protected headers", not just encrypted headers.
That is, the headers can be protected both by cryptographic signature
*and* by encryption.  This is a subtlety, but probably worth getting
right as we work on documentation and implementations.

This is on my list of things to work on for notmuch, but i'd be happy if
someone else beat me to it.  clearly i've taken too long to get this
done.

fwiw, memory-hole messages do display successfully in all versions of
notmuch i'm aware of, but they do so by rendering the "force-display"
part.  so notmuch currently uses the fallback arrangements as explicitly
intended by the original memoryhole draft.

as i see it, the steps are (in order):

 * handle encrypted subject correctly during message display time if the
   message is being decrypted.
 
 * handle encrypted subject specifically during message decryption at
   indexing time, storing it the correct subject field, instead of
   storing the "outside" subject.

 * suppress display of any "force-display" part during message display
   time.

 * handle any other cryptographically-protected headers during display
   and indexing.

 * generate protected headers when encrypting mail.


i welcome help with any of these steps :)

  --dkg

_______________________________________________
notmuch mailing list
[hidden email]
https://notmuchmail.org/mailman/listinfo/notmuch

signature.asc (233 bytes) Download Attachment
Varac Varac
Reply | Threaded
Open this post in threaded view
|

Re: Header protection / memoryhole [was: Re: Header encryption / memoryhole]

Hi Daniel,

Thanks for clarifying!

Greetings, Varac


Quoting Daniel Kahn Gillmor (2018-04-08 23:18:34)

> On Mon 2018-04-02 18:58:28 +0200, Varac wrote:
>
> > I'd like to know the state of header encryption support for
> > notmuch (aka memoryhole) [1].
>
> "memoryhole" refers to "protected headers", not just encrypted headers.
> That is, the headers can be protected both by cryptographic signature
> *and* by encryption.  This is a subtlety, but probably worth getting
> right as we work on documentation and implementations.
>
> This is on my list of things to work on for notmuch, but i'd be happy if
> someone else beat me to it.  clearly i've taken too long to get this
> done.
>
> fwiw, memory-hole messages do display successfully in all versions of
> notmuch i'm aware of, but they do so by rendering the "force-display"
> part.  so notmuch currently uses the fallback arrangements as explicitly
> intended by the original memoryhole draft.
>
> as i see it, the steps are (in order):
>
>  * handle encrypted subject correctly during message display time if the
>    message is being decrypted.
>  
>  * handle encrypted subject specifically during message decryption at
>    indexing time, storing it the correct subject field, instead of
>    storing the "outside" subject.
>
>  * suppress display of any "force-display" part during message display
>    time.
>
>  * handle any other cryptographically-protected headers during display
>    and indexing.
>
>  * generate protected headers when encrypting mail.
>
>
> i welcome help with any of these steps :)
>
>   --dkg

_______________________________________________
notmuch mailing list
[hidden email]
https://notmuchmail.org/mailman/listinfo/notmuch

signature.asc (817 bytes) Download Attachment