summaryrefslogtreecommitdiffstats
path: root/autocrypt/README
blob: 354b9ce40fa371056634124c6a2e022cc600e301 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

This is an implementation of Autocrypt Level 1.1. <https://autocrypt.org/>


Still Todo
==========
* Setup message creation
* Setup message import
  These can both be added to the account menu, and perhaps the first-run too.


Developer Notes
===============

* header->security | AUTOCRYPT

  During message composition, AUTOCRYPT is mutually exclusive from
  ENCRYPT and SIGN.  The former means that autocrypt will sign and
  encrypt the email upon send, the latter means the normal keyring
  will do so.

  We keep these separate so that autocrypt can detect the normal
  keyring has been turned on (manually, or by oppenc or something) and
  disable itself.

  Outside message composition the flags are not exclusive.  We can't
  tell a message is an autocrypt message until we try to decrypt it.
  Once we do so, the flag is added to the existing flags.  The only
  relevance for decrypted messages is when replying - in which case
  we want to force using autocrypt in the reply.

* header->security | AUTOCRYPT_OVERRIDE

  I was loathe to use another bit for this, but unlike OPPENCRYPT,
  AUTOCRYPT means the message *will* be encrypted, not that the option
  is on.

  We need a way to distinguish between the user manually enabling
  autocrypt and the recommendation engine doing so.  If this is not
  set, the engine can turn AUTOCRYPT back off when the recipients
  change.  But if the user manually set it, we don't want to do that.

* mutt_autocrypt_init()

  All public functions (in autocrypt.h) should call this function to
  make sure everything is set up.  Nothing prevents the user from manually
  flipping the option at runtime, but in that case the directory and such
  may not even exist.

  Right now, I only allow "first run" initialization during startup.
  Not all calls are interactive, and we don't want to prompt the user
  while opening a mailbox, for instance.

* Database schema version

  There is a "schema" table in the database, which records database
  version.  Any changes to the database should bump the schema version
  by adding a call in mutt_autocrypt_schema_update().
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 01:30:24 +0000