From: Kevin McCarthy
Date: Tue, 20 Aug 2019 22:37:06 +0000 (-0700)
Subject: Clean up the autocrypt doc a bit more.
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c8ec78e15a6d7ab1a20df8f383643a5ba1480c56;p=mutt

Clean up the autocrypt doc a bit more.
---

diff --git a/doc/manual.xml.head b/doc/manual.xml.head
index b10ba697..d1f7a057 100644
--- a/doc/manual.xml.head
+++ b/doc/manual.xml.head
@@ -9915,24 +9915,19 @@ please have a look at the mixmaster documentation. be accomplished. The recommended way is to set $autocrypt_dir to your normal keyring directory (e.g. ~/.gnupg). - Alternatively you can copy the key over to the Autocrypt keyring - (using something along the lines of gpg --export - [keyid] | gpg --homedir=~/.mutt/autocrypt --import - followed by gpg --export-secret-keys [keyid] | gpg - --homedir=~/.mutt/autocrypt --import). During account - creation, choosing (s)elect existing GPG key will - then list and allow selecting your existing key for the new - account. + During account creation, choosing (s)elect existing GPG + key will then list and allow selecting your existing key + for the new account. - Copying your key over keeps Autocrypt keys out of your normal - keyring, but there is a severe downside. Mutt - first tries to decrypt messages using the - Autocrypt keyring, and if that fails tries the normal keyring - second. This means all encrypted emails to that key will be - decrypted, and have signatures verified from, the Autocrypt - keyring. Keys signatures and web of trust from your normal - keyring will no longer show up in signatures when decrypting. + An alternative is to copy your key over to the Autocrypt keyring, + but there is a severe downside. Mutt first + tries to decrypt messages using the Autocrypt keyring, and if + that fails tries the normal keyring second. This means all + encrypted emails to that key will be decrypted, and have + signatures verified from, the Autocrypt keyring. Keys signatures + and web of trust from your normal keyring will no longer show up + in signatures when decrypting. For that reason, if you want to use an existing key from your 
@@ -9951,10 +9946,10 @@ please have a look at the mixmaster documentation. - First, replying to an Autocrypt decrypted message by default - forces Autocrypt mode on. By sharing the same key, all - replies will then start in Autocrypt mode, even if a message - wasn't sent by one of your Autocrypt peers. $autocrypt_reply can be unset to allow manual control of the mode when replying. @@ -9962,13 +9957,13 @@ please have a look at the mixmaster documentation. - Second, when Mutt creates an account from a gpg key, it - exports the public key, base64 encodes it, and stores that - value in the sqlite3 database. The value is then used in - the Autocrypt header added to outgoing emails. The ECC keys - Mutt creates don't change, but if you use external keys that - expire, when you resign to extend the expiration you will - need to recreate the Autocrypt account using the account menu. Otherwise the Autocrypt header will contain the old expired exported keydata.
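Review bot: "Keys signatures" in the added paragraph of the first hunk (@@ -9915,24 +9915,19 @@) should be "Key signatures"; the typo is carried over unchanged from the removed text. In the same paragraph, "will be decrypted, and have signatures verified from, the Autocrypt keyring" is hard to parse; something like "will be decrypted, and have their signatures verified, using the Autocrypt keyring" reads more cleanly. The hunk also drops the gpg --export / --import commands, so "copy your key over to the Autocrypt keyring" no longer says how. If that is meant to steer users toward setting $autocrypt_dir, a word in the commit message would make the intent clear.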
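Review bot: "when you resign to extend the expiration" in the third hunk (@@ -9962,13 +9957,13 @@) reads as "quit"; if the replacement lines keep this wording, use "re-sign". The paragraph would also be easier to act on if it stated the consequence first: after the expiration is extended, outgoing mail keeps carrying the old expired keydata in the Autocrypt header until the account is recreated from the account menu.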