crypto: actually stash session keys when decrypt=true

[notmuch] / doc / man1 / notmuch-new.rst

diff --git a/doc/man1/notmuch-new.rst b/doc/man1/notmuch-new.rst
index 1df86f067e1cba8b37499a020ad82b07ad041461..27676a196994919f92bc831e4d5fb45d1b3aa4cb 100644 (file)
--- a/doc/man1/notmuch-new.rst
+++ b/doc/man1/notmuch-new.rst
@@ -43,15 +43,20 @@ Supported options for **new** include
     ``--quiet``
         Do not print progress or results.
 
-    ``--decrypt=(true|false)``
-
-        If true, when encountering an encrypted message, try to
-        decrypt it while indexing.  If decryption is successful, index
-        the cleartext itself.  Be aware that the index is likely
-        sufficient to reconstruct the cleartext of the message itself,
-        so please ensure that the notmuch message index is adequately
-        protected.  DO NOT USE ``--decrypt=true`` without
-        considering the security of your index.
+    ``--decrypt=(true|auto|false)``
+
+        If ``true``, when encountering an encrypted message, try to
+        decrypt it while indexing, and store any discovered session
+        keys.  If ``auto``, try to use any session key already known
+        to belong to this message, but do not attempt to use the
+        user's secret keys.  If decryption is successful, index the
+        cleartext of the message.
+
+        Be aware that the index is likely sufficient (and the session
+        key is certainly sufficient) to reconstruct the cleartext of
+        the message itself, so please ensure that the notmuch message
+        index is adequately protected.  DO NOT USE ``--decrypt=true``
+        without considering the security of your index.
 
         See also ``index.decrypt`` in **notmuch-config(1)**.