use different parts of cipher for hmac and gpg

Per bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing

It may be paranoid to worry about the cipher being recovered
from hmac keys, but yes.. let's be paranoid.

1 files changed, 2 insertions, 2 deletions

diff --git a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn
index 1980a8f44..9fc31fa48 100644
--- a/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn
+++ b/doc/bugs/S3_bucket_uses_the_same_key_for_encryption_and_hashing.mdwn
@@ -4,5 +4,5 @@ Also, ttbomk, HMAC needs two keys, not one. Are you re-using the same key twice?
 
 Compability for old buckets and support for different ones can be maintained by introducing a new option and simply copying over the encryption key's identifier into this new option should it be missing.
 
-> See [[design/encryption]]. I don't think this bug needs to be kept
-> open. [[done]] --[[Joey]] 
+> Bug was filed prematurely, but was a good bit of paranoia, and gpg and
+> hmac are given different secret keys [[done]] --[[Joey]]