[PATCH] emacs: remove auto-signing of replies to signed messages

Jameson Graef Rollins jrollins at finestructure.net
Mon Apr 14 12:40:50 PDT 2014


It was decided that auto-signing is potentially too troublesome for the
apparently common case of users who enable crypto processing for the
purpose of checking signature validity but who are not in a position to
sign out-going messages.  Users can still manually invoke signing as needed.

Encrypting replies to encrypted messages is more of a security issue
so we leave it in place.
---
 emacs/notmuch-mua.el | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el
index bf6253f..95e4a4d 100644
--- a/emacs/notmuch-mua.el
+++ b/emacs/notmuch-mua.el
@@ -116,10 +116,9 @@ list."
 	notmuch-mua-hidden-headers))
 
 (defun notmuch-mua-reply-crypto (parts)
+  "Add mml sign-encrypt flag if any part of original message is encrypted."
   (loop for part in parts
-	if (notmuch-match-content-type (plist-get part :content-type) "multipart/signed")
-	  do (mml-secure-message-sign)
-	else if (notmuch-match-content-type (plist-get part :content-type) "multipart/encrypted")
+	if (notmuch-match-content-type (plist-get part :content-type) "multipart/encrypted")
 	  do (mml-secure-message-sign-encrypt)
 	else if (notmuch-match-content-type (plist-get part :content-type) "multipart/*")
 	  do (notmuch-mua-reply-crypto (plist-get part :content))))
@@ -236,7 +235,7 @@ list."
 	;; Quote the original message according to the user's configured style.
 	(message-cite-original)))
 
-    ;; Sign and/or encrypt replies to signed and/or encrypted messages.
+    ;; Crypto processing based crypto content of the original message
     (when process-crypto
       (notmuch-mua-reply-crypto (plist-get original :body))))
 
-- 
1.9.1



More information about the notmuch mailing list