mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

update

Browse source
This commit is contained in:
Joey Hess 2016-05-10 14:07:13 -04:00
parent 76522065ae
commit e35ba6c1e6
Failed to extract signature
1 changed files with 21 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
doc/todo/feature_request__58___pubkey-only_encryption_mode/comment_4_2ccd5e75f175f09b08cee2290720fdea._comment Normal file
View file

@ -0,0 +1,21 @@
[[!comment format=mdwn
username="joey"
subject="""comment 4"""
date="2016-05-10T17:59:03Z"
content="""
Thinking about this some more, I think it makes sense that your friend who
is doing the uploading is doing it from a clone of your repository.
So, they could have access to the HMAC key, and could use it to encrypt
filenames, rather than using the un-encrypted keys. filenames seems better,
because there's no point in exposing the un-encrypted filenames to S3.
So, the encryption setup on such a repository would be the un-encrypted
HMAC key, and an indication of what gpg public key to encrypt file contents
to.
(Of course, you might choose to expose a sanitized form of your real
repository for cloning, that's more or less empty. And could even expose
it to the whole world if you want to let anyone use it for sending files
to you. In this case the un-encrypted HMAC key would be a pretty open secret.)
"""]]