mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

clarify

Browse source
This commit is contained in:
Joey Hess 2013-08-29 14:32:25 -04:00
parent 53ce59021a
commit f8082933e7
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
doc/design/encryption.mdwn
View file

@ -107,8 +107,9 @@ A risk of this scheme is that, once the symmetric cipher has been
obtained, it allows full access to all the encrypted content. Indeed obtained, it allows full access to all the encrypted content. Indeed
anyone owning a key that used to be granted access could already have anyone owning a key that used to be granted access could already have
decrypted the cipher and stored a copy. While it is in possible to decrypted the cipher and stored a copy. While it is in possible to
revoke a key with `keyid-=`, it is designed for a remove a key with `keyid-=`, it is designed for a
[[completely_different_purpose|encryption]]. [[completely_different_purpose|/encryption]] and does not actually revoke
access.
If git-annex stores the decrypted symmetric cipher in memory, then there If git-annex stores the decrypted symmetric cipher in memory, then there
is a risk that it could be intercepted from there by an attacker. Gpg is a risk that it could be intercepted from there by an attacker. Gpg