thread-based email index, search, and tagging https://git.notmuchmail.org/git/notmuch/atom?h=0.26 2017-12-08T12:08:47Z 2017-12-08T12:08:47Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-12-08T06:24:02Z urn:sha1:fccebbaeef1e4b6489425afb13f419543d53d285 Here's the configuration choice for people who want a cleartext index, but don't want stashed session keys. Interestingly, this "nostash" decryption policy is actually the same policy that should be used by "notmuch show" and "notmuch reply", since they never modify the index or database when they are invoked with --decrypt. We take advantage of this parallel to tune the behavior of those programs so that we're not requesting session keys from GnuPG during "show" and "reply" that we would then otherwise just throw away. 2017-12-08T12:08:47Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-12-08T06:24:01Z urn:sha1:29648a137c5807135ab168917b4a51d5e19e51c2 If you're going to store the cleartext index of an encrypted message, in most situations you might just as well store the session key. Doing this storage has efficiency and recoverability advantages. Combined with a schedule of regular OpenPGP subkey rotation and destruction, this can also offer security benefits, like "deletable e-mail", which is the store-and-forward analog to "forward secrecy". But wait, i hear you saying, i have a special need to store cleartext indexes but it's really bad for me to store session keys! Maybe (let's imagine) i get lots of e-mails with incriminating photos attached, and i want to be able to search for them by the text in the e-mail, but i don't want someone with access to the index to be actually able to see the photos themselves. Fret not, the next patch in this series will support your wacky uncommon use case. 2017-12-08T12:08:46Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-12-08T06:23:57Z urn:sha1:181d4091c408b8ca014ec245ecdae602942b70ce we also include --decrypt=auto in the tab completion. 2017-12-08T12:05:53Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-12-08T06:23:50Z urn:sha1:d3964e81ac98825a025a6120c488ebd73de2a281 the command-line interface for indexing (reindex, new, insert) used --try-decrypt; and the configuration records used index.try_decrypt. But by comparison with "show" and "reply", there doesn't seem to be any reason for the "try" prefix. This changeset adjusts the command-line interface and the configuration interface. For the moment, i've left indexopts_{set,get}_try_decrypt alone. The subsequent changeset will address those. 2017-11-08T14:46:44Z Jani Nikula jani@nikula.org 2017-10-14T13:15:43Z urn:sha1:733ccfabca350f65a1d0ba1f64792a8a436da273 Now that it's easy to add argument specific modifiers in opt descriptions, add a new .allow_empty field to allow empty strings for individual string arguments while retaining strict checks elsewhere. Use this for notmuch insert --folder, where the empty string means top level folder. 2017-10-21T22:58:43Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-10-21T02:25:47Z urn:sha1:c5356b9ed56e42d36ca18206155b62c94cfbd79d Enable override of the index.try_decrypt setting on a per-message basis when invoking "notmuch insert". We also update the documentation and tab completion, and add more tests. 2017-10-19T01:36:39Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-10-17T16:57:21Z urn:sha1:6499fce3911df2646db67c0f1ff65672324904f0 This will make future diffs cleaner, make it easier to keep them alphabetical, and make it easier to scan and search the documentation sources. 2017-07-18T09:50:44Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2017-07-17T22:16:02Z urn:sha1:87bdfbc91f65cb1031ef0ac8a804759f2061ac10 2016-12-15T11:21:02Z David Bremner david@tethera.net 2016-12-07T11:27:12Z urn:sha1:3d312e2577820f7c14df24be305da715d4ea74ee 2016-09-12T11:16:35Z Daniel Kahn Gillmor dkg@fifthhorseman.net 2016-09-12T02:23:48Z urn:sha1:89c8d279480aa618bed5ef074f9166dbf818e6eb