
Re: How do you manage encrypted mail?



Joey Hess <joeyh@debian.org> writes:

> Richard Lawrence wrote:
>> I've recently (re-)decided to make an effort to use PGP, and to convince
>> others to use it too. (My effort to do so:
>> http://www.ocf.berkeley.edu/~rwl/encryption.html, linked from my
>> .signature.  Comments welcome.) But I've run into a couple of problems
>> fairly quickly. If you use PGP regularly, how do you solve them?
>> 
>> 1) Reading encrypted mail that I sent...
>
> Typically, gpg is configured to encrypt mail to multiple recipients,
> which includes everyone the mail is sent to, as well as the sender.
>
> For example, I have in my gpg.conf:
>
> # Encrypt stuff to my key too.
> encrypt-to 2512E3C7
>

Ah, this is what I was missing.  Thanks!

>> 2) Search. The more serious issue is that I can't search encrypted
>> email, whether I sent it or received it...
>
> Mutt will use gpg to decrypt encrypted mail when searching in the body
> (ie, when limiting to ~bsomething). It can get slow, indeed.

Good to know, thanks.  When I try this, Mutt asks me to enter my GPG
passphrase for every encrypted message in the folder I'm limiting,
though!  (So it's not a good option for my "sent" folder, for example.)
Any way to avoid that?

> I rarely find the need to search in bodies of mail after it's a month
> old, and use mairix to index and search subject and other headers,
> which are not encrypted. Then if necessary I can load the resulting
> mbox full of search results into mutt and do a body search to further
> refine it down to what I was looking for.

This is more or less what I'm doing now with notmuch.  I think it will
work fine for me personally, but I'm a bit concerned that this will not
sound convincing to someone else.  ("You should encrypt all your
messages.  But full disclosure: you won't be able to search the message
contents easily, just headers.  Sorry!")

One possibility I can see here is to store and index unencrypted copies
of messages locally, but only sync encrypted messages with the mail
server.  I imagine I could rig something up to accomplish this, using
the scripting features of offlineimap, etc.  Is there an existing
solution for a setup like that?

Thanks!

-- 
Best,
Richard
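
An added example (not from this thread and not GnuPG's own code) of checking that a message was also encrypted to your own key, which is what the `encrypt-to` line arranges: it reads the recipient key IDs from the leading OpenPGP session-key packets of a message. The sample bytes and the full 64-bit key IDs are constructed; only the short ID 2512E3C7 comes from the message above.

```python
import base64

def dearmor(text: str) -> bytes:
    """Decode an ASCII-armored OpenPGP block into binary packets."""
    lines = text.strip().splitlines()
    body = lines[lines.index("") + 1:-1]           # skip armor headers and END line
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))

def pkesk_key_ids(data: bytes) -> list:
    """Key IDs from the leading public-key session key packets (tag 1)."""
    ids, pos = [], 0
    while pos < len(data):
        hdr = data[pos]
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:                             # new-format header
            tag, first = hdr & 0x3F, data[pos + 1]
            if first < 192:
                length, pos = first, pos + 2
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 2] + 192, pos + 3
            elif first == 255:
                length, pos = int.from_bytes(data[pos + 2:pos + 6], "big"), pos + 6
            else:
                break                              # partial length: data packet
        else:                                      # old-format header
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                break                              # indeterminate length: data packet
            n = 1 << ltype                         # 1, 2 or 4 length octets
            length, pos = int.from_bytes(data[pos + 1:pos + 1 + n], "big"), pos + 1 + n
        if tag not in (1, 3):
            break                                  # session-key packets come first
        if tag == 1 and data[pos] == 3:            # v3 PKESK: 8-byte key ID follows
            ids.append(data[pos + 1:pos + 9].hex().upper())
        pos += length
    return ids

def encrypted_to(data: bytes, key_id: str) -> bool:
    """True if a recipient key ID ends with key_id (short or long form)."""
    return any(k.endswith(key_id.upper()) for k in pkesk_key_ids(data))

# Constructed sample: two PKESK packets and a stub data packet, filler bytes only.
def _body(key_id_hex: str) -> bytes:
    return bytes([3]) + bytes.fromhex(key_id_hex) + bytes([1]) + bytes(20)

SAMPLE = (bytes([0x84, 30]) + _body("1111111111111111")      # old-format tag 1
          + bytes([0xC1, 30]) + _body("AAAAAAAA2512E3C7")    # new-format tag 1
          + bytes([0xD2, 5]) + bytes(5))                     # tag 18 stub
```

A message sent with hidden recipients carries zeroed key IDs, so it will not match here even when it is encrypted to your key.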

