X-Git-Url: https://git.notmuchmail.org/git?a=blobdiff_plain;f=doc%2Fman1%2Fnotmuch-insert.rst;h=1a3dfe98299ae21b6501de65cad97ef9f91a18bb;hb=fccebbaeef1e4b6489425afb13f419543d53d285;hp=214f261ba6b00f95a3eb036f535c9ca992978708;hpb=29648a137c5807135ab168917b4a51d5e19e51c2;p=notmuch diff --git a/doc/man1/notmuch-insert.rst b/doc/man1/notmuch-insert.rst index 214f261b..1a3dfe98 100644 --- a/doc/man1/notmuch-insert.rst +++ b/doc/man1/notmuch-insert.rst @@ -51,10 +51,10 @@ Supported options for **insert** include ``--no-hooks`` Prevent hooks from being run. - ``--decrypt=(true|auto|false)`` + ``--decrypt=(true|nostash|auto|false)`` If ``true`` and the message is encrypted, try to decrypt the - message while indexing, storing any session keys discovered. + message while indexing, stashing any session keys discovered. If ``auto``, and notmuch already knows about a session key for the message, it will try decrypting using that session key but will not try to access the user's secret keys. If decryption @@ -62,11 +62,15 @@ Supported options for **insert** include message is always stored to disk in its original form (ciphertext). - Be aware that the index is likely sufficient to reconstruct - the cleartext of the message itself, so please ensure that the + ``nostash`` is the same as ``true`` except that it will not + stash newly-discovered session keys in the database. + + Be aware that the index is likely sufficient (and a stashed + session key is certainly sufficient) to reconstruct the + cleartext of the message itself, so please ensure that the notmuch message index is adequately protected. DO NOT USE - ``--decrypt=true`` without considering the security of - your index. + ``--decrypt=true`` or ``--decrypt=nostash`` without + considering the security of your index. See also ``index.decrypt`` in **notmuch-config(1)**.