On 01/25/2012 12:45 PM, Jameson Graef Rollins wrote: > Here's a behavior that I think would be reasonable: > > * notmuch reply outputs JSON encrypted flag > > * emacs does a quick check to see if the needed key is available > > * if key not available: give a nice mini-buffer prompt, something like: > > 'encryption key for "Foo Bar " not found. Retrieve?' > > * if response is yes: call gpg to retrieve the key > > * if key available: add encrypt flag > > else: I feel like this should abort, but maybe there's something to > be done here. Allow reply but don't quote the original? I note from observing my own correspondence practices that there are some other heuristics that might be reasonable, if we're willing to be more sophisticated here too. For example: * if the entire encrypted message body was signed by key X (which we either have or fetch), and * X has a User ID which matches the address to which we're replying, and * we don't have a technically-valid matching User ID for the e-mail address (so we wouldn't normally want to encrypt mail to key X), then we could offer (or default) to encrypt the reply to that key anyway, on the grounds that the keyholder in question knew the contents of the original message anyway. Some visual indication of being in this corner-case state would be nice, of course. While i'm dreaming, I'd also love to be able to get some statistics about how many messages in a given thread have this kind encryption/signing response. It would be interesting for some sort of measurement of e-mail+keyholding continuity, which would be useful in a more generalized contacts+crypto manager. --dkg