On Wed, Mar 19, 2014 at 10:06 AM, Jan-Frode Myklebust <[email protected]> wrote:

> I agree it's a pain to distribute, and change keys, but am uncertain about if
> I'd want to blindly trust a keyring distributed together with the password
> store. Actually, even trusting the list of key ids instead of a group name
> defined outside of the git repo is opening up an easy attack by changing the
> list of ids git-serverside to steal new passwords.
>
> The .gpg_id (or keyring) should probably be signed by someone we trust
> outside of the password-store before use.
Why not sign the .gpg_id files after creation as part of the init process? Does it need to be signed by someone who doesn't use the password store?

--
Brian Shore
Senior Systems Engineer, Security Architect
Network Redux, LLC
5200 SW Macadam Ave Ste 450
Portland, Oregon 97239
Desk: 503-274-9905 x503

_______________________________________________
Password-Store mailing list
[email protected]
http://lists.zx2c4.com/mailman/listinfo/password-store
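The check Jan-Frode asks for, combined with Brian's idea of signing the id list, as an added example that is not from this thread or from pass itself: a POSIX sh routine that verifies a detached signature over the key-id list and accepts it only when the signing key's fingerprint is in an allowlist kept outside the repository, so a server-side edit of the list cannot add a key. Assumptions: the store uses pass's layout (`.gpg-id` under `PASSWORD_STORE_DIR`; the thread writes `.gpg_id`), the detached signature is stored as `.gpg-id.sig` (a name chosen here), and `TRUSTED_SIGNERS` is set by the operator.

```shell
#!/bin/sh
# Gate any use of the key-id list on a signature by an out-of-repo trusted key.
# TRUSTED_SIGNERS: space-separated full fingerprints, set by the operator (assumption).

# Inspect gpg --status-fd output and succeed only if a VALIDSIG line names a
# fingerprint from the allowlist. gpg exits 0 for any good signature, even from
# an unknown or untrusted key, so the exit code alone is not enough.
#   $1: status text as emitted by gpg, $2: allowlist of fingerprints
signer_is_trusted() {
    status_text="$1"; allow="$2"
    # Status lines look like: [GNUPG:] VALIDSIG <fingerprint> <date> <ts> ...
    fpr=$(printf '%s\n' "$status_text" | awk '$2 == "VALIDSIG" { print $3; exit }')
    [ -n "$fpr" ] || return 1          # no valid signature at all (BADSIG, NO_PUBKEY, ...)
    for ok in $allow; do
        [ "$ok" = "$fpr" ] && return 0
    done
    return 1                           # valid signature, but not from a trusted signer
}

# Verify the detached signature over the real .gpg-id file in the store.
# Returns 0 only when gpg verifies the file AND the signer is allowlisted.
verify_gpg_id() {
    store="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
    status_text=$(gpg --batch --status-fd 1 \
        --verify "$store/.gpg-id.sig" "$store/.gpg-id" 2>/dev/null) || return 1
    signer_is_trusted "$status_text" "$TRUSTED_SIGNERS"
}

# Example gate: refuse to encrypt a new entry if the id list is not trusted.
# Usage: TRUSTED_SIGNERS="<fpr>" ./check.sh && pass insert some/entry
if [ "${0##*/}" = "check.sh" ]; then
    verify_gpg_id || { echo "refusing: .gpg-id is not signed by a trusted key" >&2; exit 1; }
fi
```

Re-sign `.gpg-id` (from a machine holding the trusted key) every time `pass init` changes it; an unsigned or re-signed-by-someone-else list then fails this check.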
