Allow revocation of OpenPGP keys.

/!\ It is to be noted that revoking a key does NOT necessarily prevent
the owner of its private part from accessing data on the remote /!\

The only sound use of `keyid-=` is probably to replace a (sub-)key by
another, where the private part of both is owned by the same
person/entity:

    git annex enableremote myremote keyid-=2512E3C7 keyid+=788A3F4C

Reference: http://git-annex.branchable.com/bugs/Using_a_revoked_GPG_key/

* Other change introduced by this patch:

New keys now need to be added with option `keyid+=`, and the scheme
specified (upon initremote only) with `encryption=`. The motivation for
this change is to open for new schemes, e.g., strict asymmetric
encryption.

    git annex initremote myremote encryption=hybrid keyid=2512E3C7
    git annex enableremote myremote keyid+=788A3F4C
guilhem 2013-08-28 04:24:14 +02:00 committed by Joey Hess
parent 484daf5b39
commit 53ce59021a
7 changed files with 83 additions and 45 deletions


@ -24,7 +24,7 @@ import Utility.Env
import Utility.Tmp
#endif
newtype KeyIds = KeyIds [String]
newtype KeyIds = KeyIds { keyIds :: [String] }
deriving (Ord, Eq)
{- If a specific gpg command was found at configure time, use it.
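Review bot: the new `keyIds` field on the `newtype KeyIds` line has no comment saying what form the strings take, while the commit message's examples use short 8-hex-digit IDs such as 2512E3C7. Since `keyid-=` now acts as a revocation control, please document here whether a short ID, long ID or full fingerprint is expected, because short IDs are not unique and a match on one could add or drop the wrong key. Separately, the derived `Ord, Eq` on a plain `[String]` is sensitive to order and duplicates, so the same set of keys reached through different `keyid+=`/`keyid-=` sequences can compare unequal; consider normalising the list where it is updated, or note the behaviour in a comment on this type.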