-Bremner and dkg are co-hosting a BoF at debconf:
+What, Where, When
+=================
+
+* Bremner and dkg are co-hosting a BoF at [debconf](https://summit.debconf.org/debconf15/meeting/217/improving-privacy-and-security-for-notmuch-mail/).
+
+* The meeting is Monday 2015-08-17, 1700-1800
+
+* Video streaming should be [available](https://wiki.debconf.org/wiki/DebConf15/Videostream/Amsterdam)
-https://summit.debconf.org/debconf15/meeting/217/improving-privacy-and-security-for-notmuch-mail/
Agenda
======
Moving parts for secure e-mail
------------
-* libnotmuch
-* /usr/bin/notmuch
-* notmuch-emacs
-* libgmime
-* GnuPG
-* mml-mode
+* libxapian (C++, full text search)
+* libgmime (C, glib, RFC822+MIME library)
+* libnotmuch (C and C++)
+* /usr/bin/notmuch (C)
+* GnuPG (C)
+* Emacs UI (emacs lisp)
+ * notmuch-emacs
+ * mml-mode
+* Alot / nmbug / nmbug-status (python)
+ * python-bindings
* webmail:
- * noservice
- * notmuch web
+ * noservice (Clojure)
+ * notmuch web (Haskell)
Security concerns
-----------------
* wrong key selection during composition
* reply (message mode defaults)
* inline PGP
+* message-id collisions
* webmail authentication/authorization (muliple users?)
* webmail message escaping (XSS, etc)
* shell injection
projects / notmuch-wiki / blobdiff