Re: [PATCH] emacs: change default for notmuch-crypto-process-mime to t
- From: Daniel Kahn Gillmor <dkg@xxxxxxxxxxxxxxxxx>
- To: David Bremner <david@xxxxxxxxxxx>, notmuch@xxxxxxxxxxxxx, notmuch@xxxxxxxxxxxxxxx
- Date: Mon, 10 Jul 2017 16:42:37 -0400
On Sun 2017-07-09 07:46:14 -0300, David Bremner wrote:
There are some cases like remote usage where this might cause
problems, but those users can easily customize the variable. The
inconvenience seems to be outweighed by the security benefit for most
users.
lgtm. i'm not sure that this change is technically a "security
benefit", though, it looks more like a "usability benefit", since the
main use of process-crypto is likely to be decrypting messages.
for signature verification, there's some small security benefit, but
since it's mainly exposure of interesting information to the user (as
opposed to blocking users from doing unsafe things) it's still probably
more on the usability side than security.
still, i think it's a good change. If it uncovers performance problems
on use cases that normal people care about, hopefully we can get
examples of those use cases and get the performance problems fixed
(rather than just encouraging those users to set the flag to nil).
--dkg
Attachment:
signature.asc
Description: PGP signature
Other related posts:
