On Wed 2015-03-18 07:41:34 -0400, on https://debbugs.gnu.org/20133, Moritz Ulrich wrote:
> When sending signed emails with `mml-secure-message-sign-pgpmime', GnuPG
> is called once for the outgoing mail, then again for every FCC: header
> field.

I can confirm this for emacs 24.5 as well as the original report's 24.4.

> This isn't problematic when using gpg-agent & caching of
> passphrases, very annoying when not.

It's also problematic when using a smartcard, or when using
ignore-cache-for-signing in ~/.gnupg/gpg-agent.

Even when not using signatures and just encrypting, it's a bad situation
because the body of the message stored in fcc is different from the body
of the message sent into the SMTP network.

This is also a concern if you have options set like
message-generate-hashcash, because then the hashcash information sent
via mail doesn't get copied into the fcc.  Similarly, users with
message-send-mail-partially-limit will see the whole message in Fcc, and
won't be able to tell that it was split upon sending.

I also find this troubling because the documentation explicitly
contemplates the use of message-mode's encryption and signing with Fcc
without acknowledging this flaw:

 https://www.gnu.org/software/emacs/manual/html_node/mh-e/Sending-PGP.html

> The issue tracks down to message.el:5411 where
> `message-encode-message-body' is called in a loop for every FCC.
>
> I'm not sure why it's necessary to re-encode the message once for every
> FCC. Isn't it possible to just store the original outgoing mail?

I think this is the right default -- though i think it won't work for
users who have set message-fcc-externalize-attachments to non-nil.

The raw message created and sent via message-send, which might itself
operate multiple times, since message-send-alist by default is:

 ((news message-news-p message-send-via-news)
  (mail message-mail-p message-send-via-mail))

message-news-p and message-mail-p are defined to be mutually-exclusive,
but i don't think the code in message-send would require them to be.

And neither one of them returns or sets aside a buffer with the message
to be stored either.

Perhaps fcc would be better implemented as some sort of hook in
message-send-mail-hook or message-send-hook or message-sent-hook
instead?  Is there a way to get this buffer?

My elisp is not good enough to produce a patch without breaking things
that other people might rely on if i try it by myself.  But if someone
wants to give me pointers for where to start i can try to produce
something useful.

> If not, I suggest adding a variable to prevent signing from happening
> when storing the mail locally. 

I don't think this approach would be the right approach.  The user
should know whether a given mail was sent out signed or not.  The user
should also be able to expect that the octets in the fcc'ed body are the
same bytes that were sent to the network.

Please Cc me on followups to 20133, it's not clear how i should
subscribe to this installation of debbugs.

Regards,

        --dkg