[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

How do you manage encrypted mail?

Hi list,

I've recently (re-)decided to make an effort to use PGP, and to convince
others to use it too. (My effort to do so:
http://www.ocf.berkeley.edu/~rwl/encryption.html, linked from my
.signature.  Comments welcome.) But I've run into a couple of problems
fairly quickly. If you use PGP regularly, how do you solve them?

1) Reading encrypted mail that I sent. If I need to remind myself what I
said to someone, or recover an attachment, etc., I can't, because the
only copy of my message is encrypted with the recipient's public key. I
could work around this by Bcc'ing myself on every message, but that
would have the mildly annoying effect of duplicating all my outgoing
messages; every time I were to look for a message I sent to Mr. X, I'd
get two results, and I'd have to figure out which one was encrypted with
my key to read it.

2) Search. The more serious issue is that I can't search encrypted
email, whether I sent it or received it. It is conceivably possible to
search mail encrypted with my public key by decrypting it before running
the search (though not encrypted mail that I sent, pending a good
solution to problem 1). However, that seems like it would be extremely
slow in practice, and I am not aware of any software that would make
this simple or practical.

I am currently using Mutt as a client for a local Maildir, with
offlineimap and notmuch to download and index my mail, but I am willing
to switch to a different setup if there is one out there that solves
these problems. What's frustrating is that both problems seem pretty
obvious, and solutions are conceivable, but I haven't been able to find
much information about practical solutions.  Is there any way to
configure the software I'm using to allow searching and reading
encrypted messages?  If not, is there some other set of programs that
would do this available in Debian?

I don't want to recommend to others that they use PGP if it means they
cannot reasonably search their mail archives and read their sent
messages.  What should I tell them to do?

(Note:  I also asked this question on Hacker News, at
https://news.ycombinator.com/item?id=5978529, if you would like to reply
or read the responses there.)

Thanks for your input!

-- 
Best,
Richard
Reply to: