diff options
Diffstat (limited to 'doc/todo/feature_request:_pubkey-only_encryption_mode.mdwn')
| -rw-r--r-- | doc/todo/feature_request:_pubkey-only_encryption_mode.mdwn | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/todo/feature_request:_pubkey-only_encryption_mode.mdwn b/doc/todo/feature_request:_pubkey-only_encryption_mode.mdwn new file mode 100644 index 000000000..2bfc629dd --- /dev/null +++ b/doc/todo/feature_request:_pubkey-only_encryption_mode.mdwn @@ -0,0 +1,14 @@ +### Feature request + +It is not possible to put encrypted content in place on remotes with just a +public GPG key. You always need the private key, even for encryption. I +guess this is because how the cipher HMAC is used for replacing file names +with their hashes. However, if that requirement (having secret file names) +was dropped, I assume a pubkey-only mode could be implemented? + +My specific use case is backup archiving. I have my backups packed in +archive files and want to use git-annex to copy the archives to offsite +remotes (S3). In that case, I don't care much about hiding file names, but +would appreciate the increased security of not having the secret key on the +backup server. It would only be needed if I wanted to verify or restore +backups. |