X-Git-Url: https://git.cworth.org/git?a=blobdiff_plain;f=meetings%2Fhd2015.mdwn;h=0d4292ca673a0d02dfc0399fc48f66150822f807;hb=c5002da580f38cdb3acf84db30b7ab401b2a0709;hp=1a819cc4b48e9dc68e7c6732cb7f044a774ae617;hpb=c0a5f7b8040ea25434a3fe6edcca22a4c60fab6c;p=notmuch-wiki

diff --git a/meetings/hd2015.mdwn b/meetings/hd2015.mdwn
index 1a819cc..0d4292c 100644
--- a/meetings/hd2015.mdwn
+++ b/meetings/hd2015.mdwn
@@ -20,7 +20,7 @@ Moving parts for secure e-mail
 * GnuPG (C)
 * Emacs UI (emacs lisp)
   * notmuch-emacs
-  * mml-mode
+  * mml-mode, mm multimedia rendering library
 * Alot / nmbug / nmbug-status (python)
   * python-bindings
 * webmail:
@@ -29,29 +29,38 @@ Moving parts for secure e-mail
 
 Security and privacy concerns
 -----------------------------
-* privacy leaks rendering messages
 * message-id collisions
+* rendering "rich" messages
+  * network access in front ends
+  * safe rendering of HTML
+* rendering security information
+  * spoofing signatures
+  * partially signed messages
 * Oops I just sent...
   * wrong key selection during composition
   * reply (message mode defaults)
+  * opportunistic signing and encryption
+  * using markup for security
 * inline PGP
-
-* webmail authentication/authorization (multiple users?)
-* webmail message escaping (XSS, etc)
+* webmail
+  * authentication/authorization (multiple users?)
+  *  message escaping (XSS, etc)
 * shell injection
 * terminal escape sequences
 * S/MIME support
   * signatures
   * encryption
+  * integration with other keyrings
 * reproducible builds:
   [sphinx man pages](https://reproducible.debian.net/rb-pkg/testing/amd64/notmuch.html)
 
-### usability as security?
+Usability as security?
+----------------------
 
-* indexing encrypted mail
+* Indexing encrypted mail
+  * incremental re-indexing?
 * Memory Hole protected headers
-* key selection indicators during composition
-
+* Key selection indicators during composition
 
 Breakout sessions
 -----------------
@@ -62,31 +71,3 @@ Reportbacks
 -----------
 
 
-
--------------------------
-
-
-more complete agenda:
-
-        * S/MIME signatures and encryption
-            * test suites
-            * integration with other keyrings
-            * signature only (easyish) versus encryption (more work)
-        * Improving the security of the Emacs MML mime composer
-            * automated "encrypt-when-i-have-keys-available" mode or other convenience functions?
-            * can an adversary force signatures based on quoted text?
-            * generate memory-hole-style messages
-        * Searching of GPG encrypted mail
-            * possible implementation mechanism: "notmuch reindex --with-filter=decrypt"
-        * Auditing and fixing "webbug" style problems in front ends
-            * can we instruct emacs to restrict all network access from notmuch?
-            * what other frontends might call out to the network?
-        * Making notmuch build reproducibly
-            * https://reproducible.debian.net/rb-pkg/unstable/amd64/notmuch.html
-        * Protect against spoofed signature verification?
-            * how do we deal with multipart messages where only a subtree is signed?
-            * are other sorts of spoofing possible?
-        * read and display memory-hole-style messages
-        * "safe" ways to display html parts (e.g. without text/plain alternatives)
-
-