propellor/doc/todo/multi_gpg_key_privdata.mdwn

To support multiple gpg keys added with --add-key, propellor should

* When it encrypts the privdata after a change, encrypt it to all keys
  listed in `privdata/keyring.gpg`. See [this
  post](http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/)
  explaining why and how encryption with multiple recipients work. 
* When --add-key adds a new key, it should re-encrypt the privdata,
  so that this new key can access it.
* When --add-key on behalf of another user, do not modify the signing key for
  local git. This entails either splitting this command in two, `--add-key` and
  `--set-signing-key`, or adding another command `--add-foreign-key`,
  or perhaps determining if the key being added has a known secret key.

[[done]]
update 2014-11-11 14:38:14 +00:00			`To support multiple gpg keys added with --add-key, propellor should`

			`* When it encrypts the privdata after a change, encrypt it to all keys`
added some details to multipe gpg keys issue 2014-11-11 16:37:53 +00:00			listed in `privdata/keyring.gpg`. See [this
			`post](http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/)`
			`explaining why and how encryption with multiple recipients work.`
update 2014-11-11 14:38:14 +00:00			`* When --add-key adds a new key, it should re-encrypt the privdata,`
			`so that this new key can access it.`
added some details to multipe gpg keys issue 2014-11-11 16:37:53 +00:00			`* When --add-key on behalf of another user, do not modify the signing key for`
			local git. This entails either splitting this command in two, `--add-key` and
avoid configuring git signing key when there's no secret key Also, nice display for --add-key steps 2014-11-11 17:41:25 +00:00			`--set-signing-key`, or adding another command `--add-foreign-key`,
			`or perhaps determining if the key being added has a known secret key.`
should be fixed 2014-11-11 17:47:22 +00:00
			`[[done]]`