Autocrypt

Eike Rathke list at erack.de
Thu Aug 8 22:36:37 UTC 2019


Hi Kevin,

On Wednesday, 2019-08-07 17:40:06 -0700, Kevin J. McCarthy wrote:

> > One caveat: when enabling autocrypt=yes and starting mutt the first time
> > one must ensure to not have some key push in the config, otherwise that
> > interferes with the prompt about setting up the autocrypt directory.
> > BTDT..
> 
> Whoops - there's one right there.  I'll fix that in the next couple days.

I confirm it works now.

> > Questions remaining: it may be possible to use an already existing RSA
> > key imported from the GnuPG keyring. At least I've seen such Autocrypt
> > keys even with two accounts on them. Does Mutt Autocrypt support that?
> 
> Yes, today I pushed up the ability to select a key during account creation.
> It's rather fresh but I think works okay.

Tried that and did (s)elect existing GPG key, but got "No secret key
found". Didn't dig deeper.

> I also added $autocrypt_reply to turn off the "forced autocrypt" mode when
> replying.  If the same key is used in both web-of-trust and autocrypt, it
> may be more convenient to choose yourself when replying rather than have
> autocrypt force itself on you each time.

Makes sense. Though with several accounts some (which don't have a WoT
key assigned) may be preferred using autocrypt_reply and others not, so
probably a sender address hook (reply-hook) would be appropriate. Would
that work?

Btw, how about passphrases for autocrypt keys? Recommendation is to not
have such or not ask it for every mail, but I'd not use a regular key
without passphrase for autocrypt. Is the usual PGP passphrase handling
(including timeout) also applied to autocrypt keys? Maybe I'll find some
time over the weekend to play around with things.. until then I ask
stupid questions ;-)

The docs say that "header cached messages are not re-scanned for
Autocrypt headers", however, my gut feeling is that mailboxes not yet
scanned are scanned when opening them the first time after autocrypt was
initialized, even if header caching is on. At least I experienced
a quite slow scanning for larger mailboxes in such first visits. If so,
this can be a problem for large IMAP boxes, but was already slow enough
for large local boxes.

  Eike

-- 
OpenPGP/GnuPG encrypted mail preferred in all private communication.
GPG key 0x6A6CD5B765632D3A - 2265 D7F3 A7B0 95CC 3918  630B 6A6C D5B7 6563 2D3A
Use LibreOffice! https://www.libreoffice.org/


More information about the Mutt-dev mailing list