On Wed, Apr 03 2013, Daniel Kahn Gillmor <[email protected]> wrote: > When i'm viewing an encrypted message in notmuch-emacs, and i hit R > (or M-x notmuch-show-reply), it drops me into an mml compose buffer > with the decrypted message body properly quoted and attributed. > > If I go ahead and send that reply, the previously-encrypted message > content goes out in the clear. This is a faux pas. > > Notmuch should insert the appropriate MML encryption tag into the > reply buffer by default if the message being replied to has the > "encrypted" tag: > > <#secure method=pgpmime mode=encrypt> > > (it should probably be a different tag if the incoming message used > S/MIME instead of PGP/MIME, though i don't think we handle S/MIME yet, > so maybe we can leave that distinction to later)
Yes, this really bugs me as well. Unfortunately I have yet to figure out a good solution to this problem. Notmuch doesn't actually currently handle any message signing or encrypting by default. In order for my messages to be automatically signed I use the following configuration: (custom-set-variables '(message-setup-hook (quote (message-check-recipients mml-secure-message-sign-pgpmime))) ...) We need something like a custom message-setup-hook function that can set up the appropriate MML tags. Reply buffers are constructed by notmuch-mua-reply in notmuch-mua.el. Notmuch is providing "sigstatus" and "encstatus" fields in the json-formated "reply" output, which is what notmuch-mua-reply is using. notmuch-mua-reply should parse the sigstatus and encstatus fields and do something with them, although what I'm not sure. Maybe either supply these to the appropriate message-setup-hook function, or just manually insert the tags into the reply body itself? Presumably we should interact with some notmuch user config setting to determine how the user wants the various circumstances handled (with the appropriate safe defaults, of course) jamie.
pgpO9cZAoS_rK.pgp
Description: PGP signature
