<div>I see what you mean now.<br></div><div><br></div><div>Would be possible to store a per-directory 'key' entry, and just leave directory names in the clear so you can still organize your passwords into a hierarchy without leaking too much information?<br></div><div><br></div><div> It seems to me that category names might not be too sensitive ("email", "business"), but password names can be ("someone@example.com").<br></div><div><br></div><div>As for git-remote-gcrypt, I don't think it covers all the bases such as when a disk falls into the wrong hands.<br></div><div><br></div><div>Sent from <a href="https://protonmail.ch">ProtonMail</a>, encrypted email based in Switzerland.<br></div><div><br></div><div><br></div><blockquote class="protonmail_quote" type="cite"><div>-------- Original Message --------<br></div><div>Subject: Re: [pass] Encrypt filenames in the store<br></div><div>Local Time: February 14, 2016 12:42 pm<br></div><div>UTC Time: February 14, 2016 5:42 PM<br></div><div>From: mail@lenzw.de<br></div><div>To: password-store@lists.zx2c4.com<br></div><div><br></div><div>
<br></div><div class="moz-cite-prefix"><div>If you do not trust your remote, you
might as well just encrypt the remote:<br></div><div>
<a href="https://github.com/joeyh/git-remote-gcrypt/" class="moz-txt-link-freetext">https://github.com/joeyh/git-remote-gcrypt/</a><br></div><div>
<br></div><div>
Am 14.02.2016 um 17:54 schrieb franklin_wei:<br></div></div><blockquote type="cite" cite="mid:a0jjbMu8DRRwVMR1ZZeHMQOrxtyZYWX-M33o884Z3UCnyjNtxmBO6PaRIjySWwgJoT-6_C1tHPpTwGvWKFnUUw==@protonmail.com"><div>I don't understand what you mean by the "tree file."<br></div><div><br></div><div>The main purpose behind this would be to make it safer to
push your passwords to an untrusted remote.<br></div><div><br></div><div>Sent from <a href="https://protonmail.ch">ProtonMail</a>, encrypted email
based in Switzerland.<br></div><div><br></div><div><br></div><blockquote type="cite" class="protonmail_quote"><div>-------- Original Message --------<br></div><div>Subject: Re: [pass] Encrypt filenames in the store<br></div><div>Local Time: February 13, 2016 8:37 pm<br></div><div>UTC Time: February 14, 2016 1:37 AM<br></div><div>From: <a href="mailto:the_jinx@etv.cx" class="moz-txt-link-abbreviated">the_jinx@etv.cx</a><br></div><div>To:
<a href="mailto:franklin_wei@protonmail.com,password-store@lists.zx2c4.com" class="moz-txt-link-abbreviated">franklin_wei@protonmail.com,password-store@lists.zx2c4.com</a><br></div><div><br></div><div>The tree file would still have to be readable for all the
recipients of all the "folders" and how would you store the
(currently per-folder) .gpg-id files?<br></div><div><br></div><div>This sounds very incompatible with some of the pass ideas by
nature.<br></div><div><br></div><div class="gmail_quote"><div>On 14 February 2016 02:33:56 CET, franklin_wei
<a href="mailto:franklin_wei@protonmail.com" class="moz-txt-link-rfc2396E"><franklin_wei@protonmail.com></a> wrote:<br></div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px
solid rgb(204, 204, 204); padding-left: 1ex;"><div>Hello,<br></div><div><br></div><div>I'd like to propose a method for implementing this idea
without destroying the whole idea behind pass. It goes as
follows:<br></div><div><br></div><div>1) Every new password entry is stored in a sequential
filename. (0.gpg, 1.gpg, etc.)<br></div><div>2) There is a single global, encrypted, "key" entry
that contains a list of mappings from entry names to
filenames.<br></div><div><br></div><div>This would make it difficult for an attacker to glean
any meaningful information from password names, while
still making it reasonably easy to manage passwords.<br></div><div><br></div><div>Thank you<br></div><div><br></div><div>Sent from <a href="https://protonmail.ch">ProtonMail</a>, encrypted
email based in Switzerland.<br></div><p style="margin-top: 2.5em; margin-bottom: 1em;
border-bottom: 1px solid #000"><br></p><pre class="k9mail"><div><hr><br></div><div>Password-Store mailing list
<br></div><div><a href="mailto:Password-Store@lists.zx2c4.com" class="moz-txt-link-abbreviated">Password-Store@lists.zx2c4.com</a><br></div><div><a href="http://lists.zx2c4.com/mailman/listinfo/password-store">http://lists.zx2c4.com/mailman/listinfo/password-store</a><br></div></pre></blockquote></div><div><br></div><div>--
<br></div><div>Sent from my Android device with K-9 Mail. Please excuse my brevity.
<br></div></blockquote><div><br></div><pre wrap="">_______________________________________________
Password-Store mailing list
<a href="mailto:Password-Store@lists.zx2c4.com" class="moz-txt-link-abbreviated">Password-Store@lists.zx2c4.com</a>
<a href="http://lists.zx2c4.com/mailman/listinfo/password-store" class="moz-txt-link-freetext">http://lists.zx2c4.com/mailman/listinfo/password-store</a><br></pre></blockquote></blockquote><div><br></div>