From 26b4e5af3e04acb565d04bb653df471bde24e3a5 Mon Sep 17 00:00:00 2001
From: tanen <tanen@web>
Date: Mon, 4 Nov 2013 17:58:36 +0000
Subject: [PATCH] Added a comment

---
 ...t_10_4440a80d64c60c7312d5c405d54e607a._comment | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_10_4440a80d64c60c7312d5c405d54e607a._comment

diff --git a/doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_10_4440a80d64c60c7312d5c405d54e607a._comment b/doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_10_4440a80d64c60c7312d5c405d54e607a._comment
new file mode 100644
index 0000000000..4ee70bcd70
--- /dev/null
+++ b/doc/tips/fully_encrypted_git_repositories_with_gcrypt/comment_10_4440a80d64c60c7312d5c405d54e607a._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="tanen"
+ ip="83.128.159.25"
+ subject="comment 10"
+ date="2013-11-04T17:58:36Z"
+ content="""
+> \"We could symetrically encrypt the repository with a keyfile that's stored in the repository itself\"
+> Then you would need to decrypt the repository in order get the key you need to decrypt the repository. The impossibility of this design is why I didn't do that!
+
+Sorry, I ment that the file containing the symmetric encryption key should obviously not be used to encrypt itself, it would be stored in the repository \"unencrypted\" (but protected with a passphrase)
+
+> store a non-encrypted gpg key alongside the repsitory encrypted with it, but then you have to rely on a passphrase for all your security.
+
+Exactly. I think such a mode be a great addition. It might not be as secure as encryption based on a private key - depending on the passphrase strength -, but it would certainly be a lot more convenient and portable (and still much more secure than the shared encryption method).
+"""]]