X-Git-Url: https://git.cworth.org/git?a=blobdiff_plain;f=meetings%2Fhd2015.mdwn;h=706235602d0898faba0b2580d4a91e115020f3bc;hb=43f0b1e82ee56387330ee084ab161bced8300438;hp=3fa467963b110ae30e153f77f668d1f7131355f1;hpb=681d43d740499f9064e2ddf53374c5d318a7e6fd;p=notmuch-wiki diff --git a/meetings/hd2015.mdwn b/meetings/hd2015.mdwn index 3fa4679..7062356 100644 --- a/meetings/hd2015.mdwn +++ b/meetings/hd2015.mdwn @@ -20,32 +20,40 @@ Moving parts for secure e-mail * GnuPG (C) * Emacs UI (emacs lisp) * notmuch-emacs - * mml-mode + * mml-mode, mm multimedia rendering library * Alot / nmbug / nmbug-status (python) * python-bindings * webmail: * noservice (Clojure) * notmuch web (Haskell) -Security concerns ------------------ -* wrong key selection during composition -* reply (message mode defaults) -* inline PGP +Security and privacy concerns +----------------------------- +* privacy leaks rendering messages * message-id collisions -* webmail authentication/authorization (muliple users?) -* webmail message escaping (XSS, etc) +* Oops I just sent... + * wrong key selection during composition + * reply (message mode defaults) + * opportunistic signing and encryption +* inline PGP +* webmail + * authentication/authorization (multiple users?) + * message escaping (XSS, etc) * shell injection * terminal escape sequences * S/MIME support + * signatures + * encryption + * integration with other keyrings * reproducible builds: [sphinx man pages](https://reproducible.debian.net/rb-pkg/testing/amd64/notmuch.html) -### usability as security? +Usability as security? +---------------------- * indexing encrypted mail * Memory Hole protected headers -* key selection indicators during compositoin +* key selection indicators during composition Breakout sessions 
@@ -60,18 +68,9 @@ Reportbacks ------------------------- -proposed session: ---------- - * Improving the security of the Emacs MML mime composer - * Searching of GPG encrypted mail - * Auditing and fixing "webbug" style problems in front ends ---------- more complete agenda: - * S/MIME signatures and encryption - * test suites - * integration with other keyrings * signature only (easyish) versus encryption (more work) * Improving the security of the Emacs MML mime composer * automated "encrypt-when-i-have-keys-available" mode or other convenience functions?
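Review bot: in the first hunk (@@ -20,32 +20,40 @@), the new bullet "* privacy leaks rendering messages" under "Security and privacy concerns" is ambiguous as written and drops the concrete term used by the session line that the second hunk deletes (auditing and fixing "webbug" style problems in front ends). Suggest "* privacy leaks when rendering messages ("webbug" style problems in front ends)" so the removed item stays traceable. In the same hunk, "integration with other keyrings" is now nested under "S/MIME support", while it was a standalone agenda item before; if it is meant to apply beyond S/MIME, keep it at the top level of the list.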
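Review bot: in the second hunk (@@ -60,18 +68,9 @@), the removed line "- * test suites" has no counterpart anywhere in the visible patch. The two items removed alongside it ("S/MIME signatures and encryption", "integration with other keyrings") reappear as sub-bullets of "S/MIME support" in the first hunk, but test suites do not, so the topic is silently dropped from the agenda. Either keep the line or re-add it under the list it belongs to. The deleted "Searching of GPG encrypted mail" session is covered only indirectly by the existing "indexing encrypted mail" bullet; a short commit message saying the "proposed session" items were folded into the lists above would make that intent clear.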