**session-key**
When **notmuch-show(1)** or **nomtuch-reply** encounters a message
- with an encrypted part and ``--decrypt`` is set, if notmuch finds a
- ``session-key`` property associated with the message, it will try
- that stashed session key for decryption.
+ with an encrypted part, if notmuch finds a ``session-key``
+ property associated with the message, it will try that stashed
+ session key for decryption.
+
+ If you do not want to use any stashed session keys that might be
+ present, you should pass those programs ``--decrypt=false``.
Using a stashed session key with "notmuch show" will speed up
rendering of long encrypted threads. It also allows the user to
message. This includes attachments, cryptographic signatures, and
other material that cannot be reconstructed from the index alone.
+ See ``index.decrypt`` in **notmuch-config(1)** for more
+ details about how to set notmuch's policy on when to store session
+ keys.
+
The session key should be in the ASCII text form produced by
GnuPG. For OpenPGP, that consists of a decimal representation of
the hash algorithm used (identified by number from RFC 4880,