<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">If you do not trust your remote, you
might as well just encrypt the remote:<br>
<a class="moz-txt-link-freetext" href="https://github.com/joeyh/git-remote-gcrypt/">https://github.com/joeyh/git-remote-gcrypt/</a><br>
<br>
Am 14.02.2016 um 17:54 schrieb franklin_wei:<br>
</div>
<blockquote
cite="mid:a0jjbMu8DRRwVMR1ZZeHMQOrxtyZYWX-M33o884Z3UCnyjNtxmBO6PaRIjySWwgJoT-6_C1tHPpTwGvWKFnUUw==@protonmail.com"
type="cite">
<div>I don't understand what you mean by the "tree file."<br>
</div>
<div><br>
</div>
<div>The main purpose behind this would be to make it safer to
push your passwords to an untrusted remote.<br>
</div>
<div><br>
</div>
<div>Sent from <a moz-do-not-send="true"
href="https://protonmail.ch">ProtonMail</a>, encrypted email
based in Switzerland.<br>
</div>
<div><br>
</div>
<div><br>
</div>
<blockquote class="protonmail_quote" type="cite">
<div>-------- Original Message --------<br>
</div>
<div>Subject: Re: [pass] Encrypt filenames in the store<br>
</div>
<div>Local Time: February 13, 2016 8:37 pm<br>
</div>
<div>UTC Time: February 14, 2016 1:37 AM<br>
</div>
<div>From: <a class="moz-txt-link-abbreviated" href="mailto:the_jinx@etv.cx">the_jinx@etv.cx</a><br>
</div>
<div>To:
<a class="moz-txt-link-abbreviated" href="mailto:franklin_wei@protonmail.com,password-store@lists.zx2c4.com">franklin_wei@protonmail.com,password-store@lists.zx2c4.com</a><br>
</div>
<div><br>
</div>
<div>The tree file would still have to be readable for all the
recipients of all the "folders" and how would you store the
(currently per-folder) .gpg-id files?<br>
</div>
<div>
<br>
</div>
<div>
This sounds very incompatible with some of the pass ideas by
nature.<br>
</div>
<div><br>
</div>
<div class="gmail_quote">
<div>On 14 February 2016 02:33:56 CET, franklin_wei
<a class="moz-txt-link-rfc2396E" href="mailto:franklin_wei@protonmail.com"><franklin_wei@protonmail.com></a> wrote:<br>
</div>
<blockquote style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px
solid rgb(204, 204, 204); padding-left: 1ex;"
class="gmail_quote">
<div>Hello,<br>
</div>
<div><br>
</div>
<div>I'd like to propose a method for implementing this idea
without destroying the whole idea behind pass. It goes as
follows:<br>
</div>
<div><br>
</div>
<div>1) Every new password entry is stored in a sequential
filename. (0.gpg, 1.gpg, etc.)<br>
</div>
<div>2) There is a single global, encrypted, "key" entry
that contains a list of mappings from entry names to
filenames.<br>
</div>
<div><br>
</div>
<div>This would make it difficult for an attacker to glean
any meaningful information from password names, while
still making it reasonably easy to manage passwords.<br>
</div>
<div><br>
</div>
<div>Thank you<br>
</div>
<div><br>
</div>
<div>Sent from <a moz-do-not-send="true"
href="https://protonmail.ch">ProtonMail</a>, encrypted
email based in Switzerland.<br>
</div>
<p style="margin-top: 2.5em; margin-bottom: 1em;
border-bottom: 1px solid #000"><br>
</p>
<pre class="k9mail"><div><hr>
</div><div>Password-Store mailing list
</div><div><a class="moz-txt-link-abbreviated" href="mailto:Password-Store@lists.zx2c4.com">Password-Store@lists.zx2c4.com</a>
</div><div><a moz-do-not-send="true" href="http://lists.zx2c4.com/mailman/listinfo/password-store">http://lists.zx2c4.com/mailman/listinfo/password-store</a>
</div></pre></blockquote></div><div>
</div><div>--
</div><div>
Sent from my Android device with K-9 Mail. Please excuse my brevity.
</div></blockquote><div>
</div>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre wrap="">_______________________________________________
Password-Store mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Password-Store@lists.zx2c4.com">Password-Store@lists.zx2c4.com</a>
<a class="moz-txt-link-freetext" href="http://lists.zx2c4.com/mailman/listinfo/password-store">http://lists.zx2c4.com/mailman/listinfo/password-store</a>
</pre>
</blockquote>
</body></html>