From 4c19e8407dc80bea9f3fd9559338bbc68ee0678d Mon Sep 17 00:00:00 2001 From: Arnaud Bailly Date: Wed, 12 Nov 2014 00:37:53 +0800 Subject: added some details to multipe gpg keys issue --- doc/todo/multi_gpg_key_privdata.mdwn | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'doc/todo') diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn index 754aa7e9..1d9b05a4 100644 --- a/doc/todo/multi_gpg_key_privdata.mdwn +++ b/doc/todo/multi_gpg_key_privdata.mdwn @@ -1,6 +1,11 @@ To support multiple gpg keys added with --add-key, propellor should * When it encrypts the privdata after a change, encrypt it to all keys - listed in `privdata/keyring.gpg` + listed in `privdata/keyring.gpg`. See [this + post](http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/) + explaining why and how encryption with multiple recipients work. * When --add-key adds a new key, it should re-encrypt the privdata, so that this new key can access it. +* When --add-key on behalf of another user, do not modify the signing key for + local git. This entails either splitting this command in two, `--add-key` and + `--set-signing-key`, or adding another command `--add-foreign-key`. -- cgit v1.2.3