Discussion:
[Mutt] #3983: Change smime_self_encrypt default to yes (same for pgp_self_encrypt)
Mutt
2017-12-17 22:51:07 UTC
#3983: Change smime_self_encrypt default to yes (same for pgp_self_encrypt)
-------------------------+----------------------
Reporter: michele | Owner: mutt-dev
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: mutt | Version: 1.9.2
Keywords: |
-------------------------+----------------------
I suggest changing the default for `smime_self_encrypt` to `yes` and also
encrypting the messages with the key in `smime_default_key` by default,
which one can override with the key in `smime_self_encrypt_as` (if set to
a non-empty value).

By the way, what is the use case for using a different key than the one
defined in `smime_self_encrypt`?

Same story for PGP.

This behaviour would be the same as in other mail clients (like Mac Mail)
and more user-friendly. Moreover, this would simplify the user's
configuration ;-)

Best,
Michele

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
Mutt
2017-12-18 00:09:24 UTC

Comment (by kevin8t8):

{{{pgp_sign_as}}} and {{{smime_default_key}}} specify signing keys. In
some cases the signing key and encryption key will be different, thus the
new configuration variables.

I'm not all that concerned that Mutt users may be put off by this, as they
tend to be more interested in correctness and configurability than
user-friendly or a "batteries included" experience. Repetition can be
avoided by using a $my_ variable, or by assigning one configuration
variable to the other.

I'll give a few days for the other devs to comment, but am against this
request.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:1>
Mutt
2017-12-18 08:33:30 UTC

Comment (by michele):

Thank you for letting me know your arguments... which make sense ;-)

Maybe this (*) should be mentioned anyway in the
[http://www.mutt.org/doc/manual/#record documentation] for the `record`
variable.

(*) i.e. that when sending encrypted emails (with S/MIME or PGP), by
default the copy saved to the outgoing messages won't be decryptable
anymore, unless one sets the `smime_self_encrypt` and
`smime_self_encrypt_as` or, respectively, the `pgp_self_encrypt` and
`pgp_self_encrypt_as` variables.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:2>
Mutt
2017-12-18 17:26:56 UTC

Comment (by kevin8t8):

I think adding something to the manual does make sense. I'll take a look
at that soon.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:3>
Mutt
2017-12-20 00:42:32 UTC

Comment (by code@…):

{{{
I'd be inclined to agree with Kevin: The whole point of encryption is
to be exclusive about who can read it, and changing this changes the
model to one that's more permissive, which may result in bad
consequences for unsuspecting users.

OTOH, I'm somewhat in favor of anything that makes it easier for
people to adopt encrypted e-mail (though, TBH, I think that ship has
sailed), and I can't really think of any particularly good arguments
for why one might not want to be able to read one's own encrypted
correspondence.

I'm somewhat inclined to engage Werner on the subject. [Or, Werner,
if you're still paying attention to Mutt and issues relating to its
use of GPG, please feel free to pipe up!] If this can wait a while I
s'pose I'll do that.
}}}

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:4>
Mutt
2017-12-28 21:13:31 UTC

Comment (by kevin8t8):

I've added a paragraph to the "Sending Cryptographically Signed/Encrypted
Messages" section in the manual, mentioning the self-encrypt options.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:5>
Mutt
2017-12-29 13:29:53 UTC

Comment (by vinc17):

Most users won't read details in the manual. IMHO, it's rather surprising
that one cannot read something one has written, so I would say that the
default should be "yes". If some people think that this may be a security
issue (which one???), then this could be changed to a quad-option with
something like ask_yes or ask_no.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:6>
Mutt
2017-12-29 17:44:03 UTC

Comment (by kevin8t8):

Changing the default of {{{pgp_self_encrypt}}} to "yes" will make no
difference, because they must supply {{{pgp_self_encrypt_as}}}. How does
it make a significant difference at that point?

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:7>
Mutt
2017-12-29 18:07:26 UTC

Comment (by kevin8t8):

Replying to myself, perhaps it's worth exploring ways to add this to the
UI.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:8>
Mutt
2017-12-31 08:55:08 UTC

Comment (by vinc17):

Shouldn't the sender's key be used by default?

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:9>
Mutt
2018-01-04 17:44:30 UTC

Comment (by kevin8t8):

Hi Vincent, I'm not sure I understand your suggestion. I know that gpg
can be configured to do this via the {{{encrypt-to}}} config in
{{{~/.gnupg/gpg.conf}}}. Otherwise, it is not done by default.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:10>
Mutt
2018-01-04 19:53:40 UTC

Comment (by michele):

Hi Vincent. Using the sender's key (`smime_default_key` resp.
`pgp_default_key`) as default was my suggestion. Read the first paragraph
in my description of this ticket.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:11>
Mutt
2018-01-08 02:00:19 UTC
Post by Mutt
Hi Vincent. Using the sender's key (`smime_default_key` resp.
`pgp_default_key`) as default was my suggestion. Read the first paragraph
in my description of this ticket.

Yes, this is what should be done, IMHO.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:12>
Mutt
2018-01-08 02:34:35 UTC

Comment (by kevin8t8):

As I said in comment:1, {{{pgp_sign_as}}} and {{{smime_default_key}}}
(there is no {{{pgp_default_key}}}) specify '''signing''' keys. Those
variables are also set when the user chooses "sign (a)s" in the PGP and
S/MIME menu.

Those two variables are unsuitable for holding a self-encrypt key, because
they in fact could be set to a key without encryption capabilities.

Yes, this does happen: I sometimes have to explain on IRC why someone
can't send an encrypted email to someone, because the key does not have
encryption capability set.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:13>
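
The capability problem described in comment 13, as an added example that is not part of the ticket or of Mutt's code: a Python check that reads `gpg --list-keys --with-colons` output and reports whether a key is usable for encryption before it is placed in a self-encrypt variable. The listing and key IDs are constructed, and the function names are this example's own.

```python
"""Added example: is a key usable for self-encryption? (constructed data)"""

# Constructed `gpg --list-keys --with-colons` output; all key IDs are made up.
SAMPLE_LISTING = """\
pub:u:4096:1:1111111111111111:1500000000:::u:::scSC::::::23::0:
pub:u:4096:1:2222222222222222:1500000000:::u:::scESC::::::23::0:
sub:u:4096:1:3333333333333333:1500000000::::::e::::::23:
pub:e:2048:1:4444444444444444:1400000000:1450000000::u:::sc::::::23::0:
sub:e:2048:1:5555555555555555:1400000000:1450000000:::::e::::::23:
"""

# Field 2 (validity) values that make a key unusable.
UNUSABLE = {"r": "revoked", "e": "expired", "d": "disabled", "i": "invalid"}


def encryption_status(listing):
    """Return {primary key ID: (usable_for_encryption, reason)}."""
    status = {}
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] != "pub" or len(fields) < 12:
            continue
        validity, key_id, caps = fields[1], fields[4], fields[11]
        # Field 12: lowercase = the primary key's own capabilities, uppercase =
        # usable capabilities of the whole key (subkeys included), D = disabled.
        if validity in UNUSABLE:
            status[key_id] = (False, UNUSABLE[validity])
        elif "D" in caps:
            status[key_id] = (False, "disabled")
        elif "E" not in caps:
            status[key_id] = (False, "no usable encryption capability")
        else:
            status[key_id] = (True, "ok")
    return status


def can_self_encrypt(listing, configured):
    """True if the configured value names an encryption-capable key.

    Assumption of this example: the value identifies a primary key by its
    long key ID, a shorter suffix of it, or a fingerprint ending in it.
    """
    wanted = configured.strip().upper()
    if wanted.startswith("0X"):
        wanted = wanted[2:]
    if not wanted:
        return False
    for key_id, (usable, _reason) in encryption_status(listing).items():
        if wanted.endswith(key_id) or key_id.endswith(wanted):
            return usable
    return False


if __name__ == "__main__":
    for key_id, (usable, reason) in encryption_status(SAMPLE_LISTING).items():
        print(key_id, "OK" if usable else "UNUSABLE", reason)
```
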
Mutt
2018-01-08 18:25:30 UTC

Comment (by kevin8t8):

I haven't spent much time looking at the s/mime decryption code, and was
curious why the variable is called {{{smime_default_key}}}, so I'm taking
a closer look.

It looks like {{{smime_default_key}}} '''will''' be used for decryption if
{{{smime_decrypt_use_default_key}}} is set. This was set up before I
added a capability flag to the s/mime .index files. Since the value is
overwritten by "sign (a)s", I'm not sure this is a very good idea
anymore...

So we might be able to do this for s/mime, but I have reservations given
the sign (a)s overwriting behavior. It's more certainly not a good idea
for pgp.

If I could wipe the slate clean, I would probably create a
{{{pgp_default_key}}}, along with {{{pgp_sign_key}}} and
{{{pgp_encrypt_key}}} that would override the value in
{{{pgp_default_key}}} if they were set. I might also store the value set
by "sign (a)s" in the pgp menu in a separate place, instead of overwriting
the configuration variable. Likewise for s/mime.

But given the current state, I'd rather keep the self-encrypt vars as is.
The variables won't get surprisingly overwritten, and (for pgp) we won't
suddenly start trying to encrypt using a key with no encryption
capability.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:14>
Mutt
2018-01-09 01:41:40 UTC

Comment (by kevin8t8):

Okay, my rambling on in the last comment has helped me think things
through, and I think there is a solution.

PGP:
 * Create {{{$pgp_default_key}}}
   - this will be used for encryption (for {{{$postpone_encrypt}}} and
     {{{$pgp_self_encrypt}}}).
   - this will be used for signing unless {{{$pgp_sign_as}}} is set.
   - {{{$pgp_self_encrypt_as}}} will become an alias for this. I'll
     mention in the docs, but note it is deprecated.

 * {{{$pgp_sign_as}}} continues to be available. Those with separate
   signing keys should continue to use it, but others can just put their
   key into {{{$pgp_default_key}}}. The pgp "sign (a)s" menu will set
   {{{$pgp_sign_as}}} (as it does now).

 * Change the default of {{{$pgp_self_encrypt}}} to set.

S/MIME:
 * {{{$smime_default_key}}}
   - will be used for encryption for {{{$postpone_encrypt}}} and
     {{{$smime_self_encrypt}}}.
   - will be used for decryption unless
     {{{$smime_decrypt_use_default_key}}} is unset.
   - will be used for signing unless {{{$smime_sign_as}}} is set
   - {{{$smime_self_encrypt_as}}} will become an alias for this, which
     I'll also mention in the docs but note it is deprecated.

 * Create {{{$smime_sign_as}}}
   - this is available for those with separate encryption and signing
     keys.
   - Change the s/mime "sign (a)s" menu to set this instead.

 * Change the default of {{{$smime_self_encrypt}}} to set.

How does this sound?

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:15>
Mutt
2018-01-09 08:48:20 UTC

Comment (by michele):

Good 👍.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:16>
Mutt
2018-01-10 03:34:58 UTC
Changes (by kevin8t8):

* Attachment "ticket-3983.patch" added.


--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983>
Mutt
2018-01-10 03:34:17 UTC

Comment (by kevin8t8):

I'm attaching a preliminary patch. I haven't gone over it thoroughly, and
have only lightly tested it, so it might blow up or do something weird.

I'll spend some more time on it the next couple days, but if you feel
daring you are welcome to try it out.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:17>
Mutt
2018-01-10 12:37:46 UTC

Comment (by michele):

Perfect! The patch worked fine for me, but I could only test it with
S/MIME. I had to set ''only'' the `smime_default_key` value (and of course
import `smime.rc`) to use it. Well done 👍

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:18>
Mutt
2018-01-10 18:21:30 UTC

Comment (by kevin8t8):

Thank you very much for testing the patch. I'm glad to hear the S/MIME
changes are working for you. That's very helpful, because I don't use
S/MIME myself and can only test in my small artificial environment.

I'm still going to review and test for a couple more days. If all looks
good, I'll push it up.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:19>
Mutt
2018-01-11 23:38:01 UTC
--------------------------+----------------------
Reporter: michele | Owner: mutt-dev
Type: enhancement | Status: closed
Priority: minor | Milestone:
Component: mutt | Version: 1.9.2
Resolution: fixed | Keywords:
--------------------------+----------------------
Changes (by kevin8t8):

* status: new => closed
* resolution: => fixed


Comment:

I've pushed db252e61 up to master and 667a4710 to stable. Thanks for
everyone's feedback and help.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:21>
Mutt
2018-01-11 17:48:18 UTC

Comment (by kevin8t8):

Overall the testing looked good, so I'll push the patch later on today.

However, my testing did uncover a bug when resuming encrypted S/MIME
drafts, which affects mutt prior to this patch. I'll push a fix up to
stable for that afterwards, and then will close this ticket.

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3983#comment:20>