Currently, notmuch has the levers needed to set coherent crypto policy around how cleartext is indexed, which also has an impact on how messages are rendered. But we don't have a lot of documentation about how to do sensible things. This is an initial attempt to address that.
The first example shows a way to selectively index specific messages. The next two examples are about aligning the existing database with crypto indexing policy.

The default crypto policy is to not index cleartext, and to only decrypt messages on display when explicitly requested.

The other sensible crypto policy is to index cleartext while stashing session keys. Messages indexed in this way will be searchable, and will be decrypted on display automatically unless the user explicitly asks for it to *not* be decrypted.

The policy for indexing *new* messages is stored in the database as the config variable index.decrypt.

But setting policy for new messages doesn't retroactively affect already indexed messages.

This patch attempts to document ways that someone can efficiently align their pre-existing database with their new policy.

I'm not sure this is the right place to document these examples, but I do want them to be user-facing and relatively easy to find. I'm happy to entertain suggestions for where else we should put them.

--- doc/man1/notmuch-reindex.rst | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/doc/man1/notmuch-reindex.rst b/doc/man1/notmuch-reindex.rst index 54490f29..cd7c91a0 100644 --- a/doc/man1/notmuch-reindex.rst +++ b/doc/man1/notmuch-reindex.rst 
@@ -44,10 +44,48 @@ Supported options for **reindex** include See also ``index.decrypt`` in **notmuch-config(1)**. +EXAMPLES +======== + +A user just received an encrypted message without indexing its +cleartext. After reading it (via ``notmuch show --decrypt=true``), +they decide that they want to index its cleartext so that they can +easily find it later and read it without having to have access to +their secret keys: + +:: + + notmuch reindex --decrypt=true id:1234...@example.com + +A user wants to change their policy going forward to start indexing +cleartext. But they also want indexed access to the cleartext of all +previously-received encrypted messages. Some messages might have +already been indexed in the clear (as in the example above). They can +ask notmuch to just reindex the not-yet-indexed messages: + +:: + + notmuch config set index.decrypt true + notmuch reindex tag:encrypted and not property:index.decryption=success + +Later, the user changes their mind, and wants to stop indexing +cleartext (perhaps their threat model has changed, or their trust in +their index store has been shaken). They also want to clear all of +their old cleartext from the index. Note that they compact the +database afterward as a workaround for +https://trac.xapian.org/ticket/742: + +:: + + notmuch config set index.decrypt false + notmuch reindex property:index.decryption=success + notmuch compact + SEE ALSO ======== **notmuch(1)**, +**notmuch-compact(1)**, **notmuch-config(1)**, **notmuch-count(1)**, **notmuch-dump(1)**, -- 2.16.1
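Review bot: In the third example (the one that stops indexing cleartext), the text promises to "clear all of their old cleartext from the index" but says nothing about the session keys that, per the commit message, the cleartext-indexing policy stashes. A reader whose trust in the index store has been shaken needs to know whether `notmuch reindex property:index.decryption=success` removes those as well, so the paragraph should say so either way. The same paragraph justifies `notmuch compact` only by a ticket URL; a short clause stating what compaction achieves here would keep the man page useful if the link moves. It may also be worth passing `--decrypt=false` explicitly on that reindex line, as the first example does with `--decrypt=true`, so the command does not depend on the preceding `config set` having been run.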