On Tue 2015-09-29 08:53:32 -0400, Andrew Gallagher <andr...@andrewg.com> wrote:
> On 28/09/15 23:16, SGT. Garcia wrote:
>> On Mon, Sep 28, 2015 at 04:10:10PM -0400, Daniel Kahn Gillmor wrote:
>>>
>>> Do you ever import keys that other people
>>> send you? or keys you find on the web? or keys attached to e-mail
>>> messages? Are you sure the things imported can't include a secret key?
>>
>> this is the first time i hear about *importing* to be honest. after reading,
>> yes
>> just reading, your email a new key was added and on the next run of 'notmuch
>> new' i was asked for it by pinentry. i'm guessing mutt imports any key it
>> finds
>> in attachments.
>
> Surely that 'feature' needs removing asap?
I'm surprised to hear that notmuch has this feature, and i haven't seen
it happen myself. I'm one of the people who helped contribute to
notmuch's OpenPGP mechanisms.
This sounds like something to be raised on the notmuch mailing list,
though.
--dkg
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
