comment

author Joey Hess <joeyh@joeyh.name>

Wed, 20 Aug 2025 18:16:29 +0000 (14:16 -0400)

committer Joey Hess <joeyh@joeyh.name>

Wed, 20 Aug 2025 18:16:29 +0000 (14:16 -0400)
author Joey Hess <joeyh@joeyh.name>
Wed, 20 Aug 2025 18:16:29 +0000 (14:16 -0400)
committer Joey Hess <joeyh@joeyh.name>
Wed, 20 Aug 2025 18:16:29 +0000 (14:16 -0400)
diff --git a/doc/todo/encrypt_only_the_credentials/comment_5_dc9c94892b4f8a7d072e6dc036adc05a._comment b/doc/todo/encrypt_only_the_credentials/comment_5_dc9c94892b4f8a7d072e6dc036adc05a._comment

new file mode 100644 (file)

index 0000000..a86867f
--- /dev/null
+++ b/doc/todo/encrypt_only_the_credentials/comment_5_dc9c94892b4f8a7d072e6dc036adc05a._comment
@@ -0,0 +1,19 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 5"""
+ date="2025-08-20T17:44:07Z"
+ content="""
+I think I was assuming that encryption=onlycreds would use the same scheme as
+encryption=hybrid, so new gpg keys can later be given access to the creds.
+
+It might be possible that someone would want the equivilant of 
+encryption=pubkey instead. (encryption=sharedpubkey is the same as
+encryption=pubkey as far as encryption of creds goes).
+
+In future there might be some other, better encryption scheme that might be
+desirable to use only for creds. Eg, something other than gpg..
+
+An alternative to support such would be to use:
+
+       encryption=<whatever> embedcreds=yes onlyencryptcreds=yes
+"""]]
author	Joey Hess <joeyh@joeyh.name>
	Wed, 20 Aug 2025 18:16:29 +0000 (14:16 -0400)
committer	Joey Hess <joeyh@joeyh.name>
	Wed, 20 Aug 2025 18:16:29 +0000 (14:16 -0400)