added some details to multipe gpg keys issue

This commit is contained in:
Arnaud Bailly 2014-11-12 00:37:53 +08:00 committed by Joey Hess
parent 51cb668e5c
commit 4c19e8407d
1 changed files with 6 additions and 1 deletions

View File

@ -1,6 +1,11 @@
To support multiple gpg keys added with --add-key, propellor should To support multiple gpg keys added with --add-key, propellor should
* When it encrypts the privdata after a change, encrypt it to all keys * When it encrypts the privdata after a change, encrypt it to all keys
listed in `privdata/keyring.gpg` listed in `privdata/keyring.gpg`. See [this
post](http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/)
explaining why and how encryption with multiple recipients work.
* When --add-key adds a new key, it should re-encrypt the privdata, * When --add-key adds a new key, it should re-encrypt the privdata,
so that this new key can access it. so that this new key can access it.
* When --add-key on behalf of another user, do not modify the signing key for
local git. This entails either splitting this command in two, `--add-key` and
`--set-signing-key`, or adding another command `--add-foreign-key`.