diff options
| author |  Joey Hess <joey@kitenet.net> | 2011-05-01 14:09:07 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2011-05-01 14:09:07 -0400 |
| commit | 3095e1631180d87cba112c210dfdfeee9b57ef54 (patch) | |
| tree | 4a2b29c7f367b70b01eb603dda8c776d3561d375 | |
| parent | 1f84c7a9642378e26d2b076def52255361591a04 (diff) | |
mention that the cipher can also be used to crypt access keys
| -rw-r--r-- | doc/design/encryption.mdwn | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/design/encryption.mdwn b/doc/design/encryption.mdwn index b30e01cdd..bcd6a11bc 100644 --- a/doc/design/encryption.mdwn +++ b/doc/design/encryption.mdwn @@ -85,6 +85,15 @@ really have content. If it's later determined to be safe to not encrypt the HMAC cipher, the current design allows changing that, even for existing remotes. +## other use of the symmetric cipher + +The symmetric cipher can be used to encrypt other content than the content +sent to the remote. In particular, it may make sense to encrypt whatever +access keys are used by the special remote with the cipher, and store that +in remotes.log. This way anyone whose gpg key has been given access to +the cipher can get access to whatever other credentials are needed to +use the special remote. + ## risks A risk of this scheme is that, once the symmetric cipher has been obtained, it |