author Joey Hess 2014-11-11 13:47:25 -0400
committer Joey Hess 2014-11-11 13:47:25 -0400
commit 08ff95fbfaf867ad5a6acdecfd0eb1e84ed44fd9
tree b5fa72c40d3c6c1438e7ab3191c1136887fe7b4f /doc/todo
parent bd7869c01c38065275acfdc4b139a93439433229
parent 05a793dd5916a3d21cbec783e26bd629891ad7f1
Merge branch 'joeyconfig'
Diffstat (limited to 'doc/todo')
-rw-r--r-- doc/todo/multi_gpg_key_privdata.mdwn 10
1 files changed, 9 insertions, 1 deletions
diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn
index 754aa7e9..3ee6b3b8 100644
--- a/doc/todo/multi_gpg_key_privdata.mdwn
+++ b/doc/todo/multi_gpg_key_privdata.mdwn
@@ -1,6 +1,14 @@
To support multiple gpg keys added with --add-key, propellor should
* When it encrypts the privdata after a change, encrypt it to all keys
- listed in `privdata/keyring.gpg`
+ listed in `privdata/keyring.gpg`. See [this
+ post](http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/)
+ explaining why and how encryption with multiple recipients work.
* When --add-key adds a new key, it should re-encrypt the privdata,
so that this new key can access it.
+* When --add-key on behalf of another user, do not modify the signing key for
+ local git. This entails either splitting this command in two, `--add-key` and
+ `--set-signing-key`, or adding another command `--add-foreign-key`,
+ or perhaps determining if the key being added has a known secret key.
+
+[[done]]
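Review bot: the `[[done]]` marker added on the last line closes this todo in the same change that adds the third bullet, and that bullet still lists three undecided alternatives (splitting into `--add-key` and `--set-signing-key`, adding `--add-foreign-key`, or checking for a known secret key), so a reader cannot tell which behaviour was implemented; name the chosen option or keep the item open. The same bullet is missing a verb ("When --add-key on behalf of another user" should read "When --add-key is run on behalf of another user"), and the first bullet's "multiple recipients work" should be "works". Since the item makes every key in `privdata/keyring.gpg` a recipient of the privdata, it would also help to say what should happen when a key is removed from that keyring, which the text does not cover. Finally, the explanation of multi-recipient encryption is delegated to an external `http://` blog link; a one-sentence summary inline would survive link rot.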