4 * Bremner and dkg are co-hosting a BoF at [debconf](https://summit.debconf.org/debconf15/meeting/217/improving-privacy-and-security-for-notmuch-mail/).
6 * The meeting is Monday 2015-08-17, 1700-1800 CET
8 * Video streaming should be [available](https://wiki.debconf.org/wiki/DebConf15/Videostream/Amsterdam)
10 * We will probably use
11 [gobby](https://packages.debian.org/jessie/gobby) for collaborative
12 editing. Unfortunately the infinote backend for emacs-rudel seems
13 not work. After installing gobby (>= 5.0), run
15 % gobby infinote://gobby.debian.org/debconf15/bof/notmuch-privacy-and-security
21 Moving parts for secure e-mail
23 * libxapian (C++, full text search)
24 * libgmime (C, glib, RFC822+MIME library)
25 * libnotmuch (C and C++)
26 * /usr/bin/notmuch (C)
28 * Emacs UI (emacs lisp)
30 * mml-mode, mm multimedia rendering library
31 * Alot / nmbug / nmbug-status (python)
35 * notmuch web (Haskell)
37 Security and privacy concerns
38 -----------------------------
39 * message-id collisions
40 * rendering "rich" messages
41 * network access in front ends
42 * safe rendering of HTML
43 * rendering security information
45 * partially signed messages
47 * wrong key selection during composition
48 * reply (message mode defaults)
49 * opportunistic signing and encryption
50 * using markup for security
53 * authentication/authorization (multiple users?)
54 * message escaping (XSS, etc)
56 * terminal escape sequences
60 * integration with other keyrings
61 * reproducible builds:
62 [sphinx man pages](https://reproducible.debian.net/rb-pkg/testing/amd64/notmuch.html)
63 * decryption happens in the CLI rather than the UI
64 * when using the UI and the CLI on different machines (so called "remote" mode), this leads to some undesirable and odd behaviour:
65 * decrypted content is passed across a potentially insecure channel (though usually ssh)
66 * the CLI needs access to keys, which can be awkward or impossible
68 Usability as security?
69 ----------------------
71 * Indexing encrypted mail
72 * incremental re-indexing?
73 * Memory Hole protected headers
74 * Key selection indicators during composition
79 * based on moving part