X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=doc%2Fman1%2Fnotmuch-config.rst;h=773fd9da2cd735cbc38c5157c0ae158e3ded8012;hp=6961737f3d220b2b6478780acfd4bfe5c65db7c0;hb=fccebbaeef1e4b6489425afb13f419543d53d285;hpb=d0da7a0a1c24b937eb754e8f73e5cf7e3857f24a diff --git a/doc/man1/notmuch-config.rst b/doc/man1/notmuch-config.rst index 6961737f..773fd9da 100644 --- a/doc/man1/notmuch-config.rst +++ b/doc/man1/notmuch-config.rst @@ -138,18 +138,32 @@ The available configuration items are described below. Default: ``gpg``. - **index.try_decrypt** + **index.decrypt** **[STORED IN DATABASE]** + + One of ``false``, ``auto``, ``nostash``, or ``true``. + When indexing an encrypted e-mail message, if this variable is - set to true, notmuch will try to decrypt the message and index - the cleartext. Be aware that the index is likely sufficient - to reconstruct the cleartext of the message itself, so please - ensure that the notmuch message index is adequately protected. - DO NOT USE ``index.try_decrypt=true`` without considering the - security of your index. - - Default: ``false``. + set to ``true``, notmuch will try to decrypt the message and + index the cleartext, stashing a copy of any discovered session + keys for the message. If ``auto``, it will try to index the + cleartext if a stashed session key is already known for the message + (e.g. from a previous copy), but will not try to access your + secret keys. Use ``false`` to avoid decrypting even when a + stashed session key is already present. + + ``nostash`` is the same as ``true`` except that it will not + stash newly-discovered session keys in the database. + + Be aware that the notmuch index is likely sufficient (and a + stashed session key is certainly sufficient) to reconstruct + the cleartext of the message itself, so please ensure that the + notmuch message index is adequately protected. DO NOT USE + ``index.decrypt=true`` or ``index.decrypt=nostash`` without + considering the security of your index. + + Default: ``auto``. **built_with.**