From c20a9ef1bcf5a6b496112747c15970034f906c41 Mon Sep 17 00:00:00 2001 From: Kevin McCarthy Date: Thu, 8 Aug 2019 20:49:32 -0700 Subject: [PATCH] Minor autocrypt manual section updates Mention key selection during account creation and $autocrypt_reply for controlling autocrypt mode setting during replies. Co-authored-by: Richard Russon --- doc/manual.xml.head | 82 +++++++++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 37 deletions(-) diff --git a/doc/manual.xml.head b/doc/manual.xml.head index b4e38238d..c84ac0be4 100644 --- a/doc/manual.xml.head +++ b/doc/manual.xml.head @@ -3418,7 +3418,7 @@ set crypt_use_gpgme NeoMutt searches for several different file names when looking for - config. It looks for NeoMutt config files before Mutt config files and + config. It looks for NeoMutt config files before NeoMutt config files and versioned config before plain config. For example: @@ -3436,7 +3436,7 @@ set crypt_use_gpgme - This allows the user to create separate NeoMutt and Mutt config files + This allows the user to create separate NeoMutt and NeoMutt config files on the same system. @@ -17370,11 +17370,11 @@ bind index D purge-message Autocrypt - + - Mutt can be compiled with Autocrypt support by running - configure with the - --enable-autocrypt flag. Autocrypt provides + NeoMutt can be compiled with Autocrypt support by running + configure with the + --enable-autocrypt flag. Autocrypt provides easy to use, passive protection against data collection. Keys are distributed via an Autocrypt: header added to emails. It does not protect against active 
@@ -17386,28 +17386,28 @@ bind index D purge-message having to explicitly exchange keys. More information can be found at https://autocrypt.org/. - + Requirements - Autocrypt requires support for ECC cryptography, and Mutt by + Autocrypt requires support for ECC cryptography, and NeoMutt by default will generate ECC keys. Therefore GnuPG 2.1 or greater - is required. Additionally, Mutt's Autocrypt implementation uses + is required. Additionally, NeoMutt's Autocrypt implementation uses GPGME and requires at least version 1.8.0. Account and peer information is stored in a sqlite3 database, and - so Mutt must be configured with the --with-sqlite3 + so NeoMutt must be configured with the --with-sqlite3 flag when autocrypt is enabled. - It is highly recommended Mutt be configured - --with-idn or - --with-idn2 so that Autocrypt can properly + It is highly recommended that NeoMutt be configured + --with-idn or + --with-idn2 so that Autocrypt can properly deal with international domain names. - While Mutt uses GPGME for Autocrypt, normal keyring operations + While NeoMutt uses GPGME for Autocrypt, normal keyring operations can still be performed via classic mode (i.e. with $crypt_use_gpgme unset). However, to avoid unnecessary prompts, it is recommended gpg not 
@@ -17416,46 +17416,46 @@ bind index D purge-message remain set (the default). - + First Run To enable Autocrypt, set $autocrypt, and if desired change the value of $autocrypt_dir in - your muttrc. The first time Mutt is run after that, you will be + your muttrc. The first time NeoMutt is run after that, you will be prompted to create - $autocrypt_dir. Mutt will then + $autocrypt_dir. NeoMutt will then automatically create an sqlite3 database and gpg keyring in that directory. Note since these files should be considered private, - Mutt will create this directory with mode + NeoMutt will create this directory with mode 700. If you create the directory manually, you should do the same. - Mutt recommends keeping the $autocrypt_dir directory set differently from your GnuPG keyring directory (e.g. ~/.gnupg). Keys are automatically imported into the keyring from Autocrypt: - headers. Compared to standard WOT keys, Autocrypt keys are - somewhat ephemeral, and the autocrypt database is used to track - when keys change or fall out of use. Having these keys mixed in - with your normal keyring will make it more difficult to use - features such as + headers. Compared to standard web of trust keys, + Autocrypt keys are somewhat ephemeral, and the autocrypt + database is used to track when keys change or fall out of use. + Having these keys mixed in with your normal keyring will make it + more difficult to use features such as $crypt_opportunistic_encrypt and Autocrypt at the same time. The $autocrypt_dir variable - is not designed to be changed while Mutt is running. The + is not designed to be changed while NeoMutt is running. The database is created (if necessary) and connected to during startup. Changing the variable can result in a situation where - Mutt is looking in one place for the database and a different + NeoMutt is looking in one place for the database and a different place for the GPG keyring, resulting in strange behavior. 
- Once the directory, keyring, and database are created, Mutt will + Once the directory, keyring, and database are created, NeoMutt will ask whether you would like to create an account. In order to use Autocrypt, each sending address needs an account. As a convenience you can create an account during the first run. If @@ -17464,16 +17464,20 @@ bind index D purge-message function in the index, by default bound to A. - Creating an account requires specifying an email address, and - then deciding whether this address should prefer encryption or - not. Autocrypt 1.1 allows automatically enabling encryption if + Account creation will first ask you for an email address. Next, + it will ask whether you want to create a new key or select an + existing key. (Note key selection takes place from the $autocrypt_dir keyring, which + will normally be empty during first run). Finally, it will ask + whether this address should prefer encryption or not. Autocrypt + 1.1 allows automatically enabling encryption if both sender and receiver have set prefer encryption. Otherwise, you will need to manually enable autocrypt encryption in the compose menu. For more details, see the compose menu section below. - After optionally creating an account, Mutt will prompt you to + After optionally creating an account, NeoMutt will prompt you to scan mailboxes for Autocrypt headers. This step occurs because header cached messages are not re-scanned for Autocrypt headers. Scanning during this step will temporarily disable the header @@ -17483,7 +17487,7 @@ bind index D purge-message mailbox. - + Compose Menu 
@@ -17569,14 +17573,18 @@ bind index D purge-message either of these are chosen, the field will remain in that state despite what the Recommendation: field shows. Lastly, (a)utomatic will set the value based - on the recommendataion engine's output. + on the recommendation engine's output. Autocrypt encryption defers to normal encryption or signing. Anything that enables normal encryption or - signing will cause autocrypt encryption to turn off. The only exception is - when replying to an autocrypt-encrypted email. In those cases, autocrypt - will override settings + signing will cause autocrypt encryption to turn off. The only + exception is when replying to an autocrypt-encrypted email + (i.e. an email decrypted from the $autocrypt_dir keyring). Then, + if $autocrypt_reply is + set, autocrypt mode will be forced on, + overriding the settings $crypt_autosign, $crypt_autoencrypt, $crypt_replyencrypt, @@ -17593,7 +17601,7 @@ bind index D purge-message encrypted. - + Account Management -- 2.40.0
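Review bot: in the hunks at -3418 and -3436 the Mutt to NeoMutt substitution has also changed the two sentences that contrasted the two programs, so the added lines now read "NeoMutt config files before NeoMutt config files" and "separate NeoMutt and NeoMutt config files", which no longer describes any lookup order. Both added lines should keep "Mutt" as the second name, as in the lines they replace. The rename itself is not mentioned in the commit message, which describes only the key selection and $autocrypt_reply additions, so it is worth a line there or a separate commit.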
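Review bot: in the First Run hunk (-17416) the removed line "Mutt recommends keeping the" has no added counterpart in the lines shown, which would leave the paragraph starting at "$autocrypt_dir directory set differently from your GnuPG keyring directory". Please confirm the replacement line is present, since this is the sentence that tells users to keep the Autocrypt keyring separate from ~/.gnupg.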
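Review bot: the account creation paragraph added in the hunk at -17464 offers "select an existing key" and then notes that the $autocrypt_dir keyring "will normally be empty during first run", so a first-run reader is given an option with nothing to choose from and no hint about how a key gets into that keyring. Suggest one more sentence saying when the option becomes useful, or a cross-reference to the section that covers it. The parenthetical would also read better as "(Note that key selection ...)" with the full stop inside the closing parenthesis.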
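Review bot: in the last hunk (-17569) the reply exception is now conditional ("if $autocrypt_reply is set, autocrypt mode will be forced on"), but the text states neither the default of $autocrypt_reply nor what happens to a reply to an autocrypt-encrypted email when it is unset. The removed wording described the override as unconditional, so readers need to know whether they get the old behaviour by default. Suggest adding the default and a sentence saying that, with the variable unset, $crypt_autosign, $crypt_autoencrypt, $crypt_replyencrypt and the other listed settings apply as usual.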