cli/reindex: destroy stashed session keys when --decrypt=false

[notmuch] / doc / man1 / notmuch-new.rst

diff --git a/doc/man1/notmuch-new.rst b/doc/man1/notmuch-new.rst
index bc26aa4806a7e07400708a9f35b8f832009302be..71df31d77dd64d0e6c5402f34e8b255127a611a2 100644 (file)
--- a/doc/man1/notmuch-new.rst
+++ b/doc/man1/notmuch-new.rst
@@ -43,17 +43,21 @@ Supported options for **new** include
     ``--quiet``
         Do not print progress or results.
 
-    ``--try-decrypt=(true|false)``
+    ``--decrypt=(true|auto|false)``
 
-        If true, when encountering an encrypted message, try to
+        If ``true``, when encountering an encrypted message, try to
         decrypt it while indexing.  If decryption is successful, index
-        the cleartext itself.  Be aware that the index is likely
+        the cleartext itself.  If ``auto``, try to use any session key
+        already known to belong to this message, but do not attempt to
+        use the user's secret keys.
+
+        Be aware that the index is likely
         sufficient to reconstruct the cleartext of the message itself,
         so please ensure that the notmuch message index is adequately
-        protected.  DO NOT USE ``--try-decrypt=true`` without
+        protected.  DO NOT USE ``--decrypt=true`` without
         considering the security of your index.
 
-        See also ``index.try_decrypt`` in **notmuch-config(1)**.
+        See also ``index.decrypt`` in **notmuch-config(1)**.
 
 EXIT STATUS
 ===========