Re: Encrypted repositories

2012-09-07 Thread Enrico Weigelt
Well, everybody can access the objects, but they're encrypted, so you need the repo key (which, of course isn't contained in the repo itself ;-p) to decrypt them. So, in short, blobs are not encrypted with the hash of their contents as encryption keys at all. No, the blobs are

Re: Encrypted repositories

2012-09-07 Thread David Aguilar
On Fri, Sep 7, 2012 at 8:34 PM, Enrico Weigelt enrico.weig...@vnc.biz wrote: Well, everybody can access the objects, but they're encrypted, so you need the repo key (which, of course isn't contained in the repo itself ;-p) to decrypt them. So, in short, blobs are not encrypted with the

Re: Encrypted repositories

2012-09-06 Thread Enrico Weigelt
Hi, Enrico Weigelt enrico.weig...@vnc.biz writes: * blobs are encrypted with their (original) content hash as encryption keys What does this even mean? Is it expected that anybody who has access to the repository can learn names of objects (e.g. by running ls .git/objects/??/)? If

Re: Encrypted repositories

2012-09-06 Thread Junio C Hamano
Enrico Weigelt enrico.weig...@vnc.biz writes: Enrico Weigelt enrico.weig...@vnc.biz writes: * blobs are encrypted with their (original) content hash as encryption keys What does this even mean? Is it expected that anybody who has access to the repository can learn names of objects

Re: Encrypted repositories

2012-09-05 Thread Junio C Hamano
Enrico Weigelt enrico.weig...@vnc.biz writes: * blobs are encrypted with their (original) content hash as encryption keys What does this even mean? Is it expected that anybody who has access to the repository can learn names of objects (e.g. by running ls .git/objects/??/)? If so, from whom