diff options
author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2019-05-25 14:04:06 -0400 |
---|---|---|
committer | David Bremner <david@tethera.net> | 2019-05-26 08:20:23 -0300 |
commit | 4cb789aa090fb6ba3c7897584ecbcc0a547b2f81 (patch) | |
tree | 0bc7df43eb4d4450ddfac4651376785ed1ce2c29 /devel | |
parent | d187a6993e25b1e100790e918156f5d95d371899 (diff) |
cli/show: emit new whole-message crypto status output
This allows MUAs that don't want to think about per-mime-part
cryptographic status to have a simple high-level overview of the
message's cryptographic state.
Sensibly structured encrypted and/or signed messages will work fine
with this. The only requirement for the simplest encryption + signing
is that the message have all of its encryption and signing protection
(the "cryptographic envelope") in a contiguous set of MIME layers at
the very outside of the message itself.
This is because messages with some subparts signed or encrypted, but
with other subparts with no cryptographic protection is very difficult
to reason about, and even harder for the user to make sense of or work
with.
For further characterization of the Cryptographic Envelope and some of
the usability tradeoffs, see here:
https://dkg.fifthhorseman.net/blog/e-mail-cryptography.html#cryptographic-envelope
Diffstat (limited to 'devel')
-rw-r--r-- | devel/schemata | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/devel/schemata b/devel/schemata index 42b1bcf3..72feb7b7 100644 --- a/devel/schemata +++ b/devel/schemata @@ -33,6 +33,8 @@ v3 v4 - replace signature error integer bitmask with a set of flags for individual errors. +- (notmuch 0.29) added message.crypto to identify overall message + cryptographic state Common non-terminals -------------------- @@ -73,9 +75,25 @@ message = { tags: [string*], headers: headers, + crypto: crypto, body?: [part] # omitted if --body=false } +# when showing the message, was any or all of it decrypted? +msgdecstatus: "full"|"partial" + +# The overall cryptographic state of the message as a whole: +crypto = { + signed?: { + status: sigstatus, + # was the set of signatures described under encrypted cover? + encrypted: bool, + }, + decrypted?: { + status: msgdecstatus, + } +} + # A MIME part (format_part_sprinter) part = { id: int|string, # part id (currently DFS part number) |