-
--------------------------
-
-proposed session:
----------
- * Improving the security of the Emacs MML mime composer
- * Searching of GPG encrypted mail
- * Auditing and fixing "webbug" style problems in front ends
----------
-
-more complete agenda:
-
- * S/MIME signatures and encryption
- * test suites
- * integration with other keyrings
- * signature only (easyish) versus encryption (more work)
- * Improving the security of the Emacs MML mime composer
- * automated "encrypt-when-i-have-keys-available" mode or other convenience functions?
- * can an adversary force signatures based on quoted text?
- * generate memory-hole-style messages
- * Searching of GPG encrypted mail
- * possible implementation mechanism: "notmuch reindex --with-filter=decrypt"
- * Auditing and fixing "webbug" style problems in front ends
- * can we instruct emacs to restrict all network access from notmuch?
- * what other frontends might call out to the network?
- * Making notmuch build reproducibly
- * https://reproducible.debian.net/rb-pkg/unstable/amd64/notmuch.html
- * Protect against spoofed signature verification?
- * how do we deal with multipart messages where only a subtree is signed?
- * are other sorts of spoofing possible?
- * read and display memory-hole-style messages
- * "safe" ways to display html parts (e.g. without text/plain alternatives)
-
-