<div dir="ltr"><div dir="ltr"><br></div><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Feb 22, 2019 at 9:37 AM higuita <<a href="mailto:higuita@gmx.net">higuita@gmx.net</a>> wrote:</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
Of course i'm not talking about a malicious user directly, those can dump <br>
everything as plain text, it's more protecting "personal" backups and copies <br>
stored in other places that we may not trust in a long run.<br><br></blockquote><div> </div><div><div>This means NOT storing your encrypted keys on a local device, but storing them in a (online) place where you can easily revoke access to. I have found keybase and their keybase filesystem to work for me (<a href="https://keybase.io/docs/kbfs">https://keybase.io/docs/kbfs</a>). </div></div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Maybe pass could generate a key that expires after x days and double encrypt<br>
everything using first the key with the expiration date and then the user key.<br>
A small deamon (or even a cron) could keep the expiration key valid by generating<br>
a new one and reencrypt. Users that still have access can do a git pull and<br>
get the updated info. Users that fail to update will be unable to decrypt the<br>
content after the key was expired.<br>
<br>
Pass could remove the expired key automatically if expired, to avoid the faketime <br>
loophole of timetravel back to when the key was still valid.<br></blockquote></div><div><div><br></div><div>It works similarly to your double encrypt idea. The encrypted pass files on KBFS is encrypted again with a device specific key. The pass files are streamed to your machine and decrypted when needed. You can revoke a device and it will not be able to get the encrypted pass files anymore.</div></div><div><br></div><div>Regards,</div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"></div><div dir="ltr"><table cellpadding="0" cellspacing="0" border="0" style="font-family:"Times New Roman";background:none;border:0px;margin:0px;padding:0px"><tbody><tr><td valign="top" style="padding:0px 7px 0px 0px;border-width:0px;border-style:initial;border-color:initial"><table cellpadding="0" cellspacing="0" border="0" style="background:none;border:0px;margin:0px;padding:0px"><tbody><tr><td style="padding:0px"><table cellpadding="0" cellspacing="0" border="0" style="background:none;border:0px;margin:0px;padding:0px"><tbody><tr><td colspan="2" style="padding-bottom:5px;color:rgb(31,31,31);font-size:16px;font-family:Georgia,Times,"Times New Roman",serif;font-weight:bold">Jake Yip<br></td></tr><tr><td colspan="2" style="padding-bottom:20px;color:rgb(31,31,31);font-size:12px;font-family:Arial,Helvetica,sans-serif">DevOps Engineer<br></td></tr><tr><td colspan="2" style="padding-bottom:20px;color:rgb(31,31,31);font-size:12px;font-family:Arial,Helvetica,sans-serif;line-height:16.2px"><span style="font-weight:bold">M</span> <a href="tel:+61+383+443+669" style="color:rgb(31,31,31);line-height:16.2px" target="_blank">+61 383 443 669</a><br><a href="mailto:tsuey.cham@ardc.edu.au" style="color:rgb(31,31,31);line-height:16.2px" target="_blank">jake.yip@ardc.edu.au</a> <br><a href="http://www.ardc.edu.au" style="color:rgb(31,31,31);font-weight:bold;line-height:16.2px" target="_blank">ardc.edu.au</a></td></tr></tbody></table></td></tr><tr style="padding-top:0px"><td valign="top" style="padding:0px 7px 0px 0px;border-width:0px;border-style:initial;border-color:initial"><a href="http://ardc.edu.au" style="color:rgb(31,31,31);font-weight:bold;font-size:12px;line-height:16.2px" target="_blank"><img src="https://lh3.googleusercontent.com/jkSF_JUFoEFHgiv-uuus2iSzlFA40l_jCKsjgAxQwMGvA_we1qP8yd5H7qrF6Ap9iJf6ZgeUXoN9-CSKYmcDSXK-GwxVckZ_7k2aAmml4N8SMMC2ZuVEYHQoEQgiLUm9ySyU1uMVfSP6qLa3mzZX0oAmjOarkhm5gp-fdzoPtmH8fWpuW-c2ih_M6sXfAs0Sqv95hYXo9nstxt4-ednQF9CIHh2pNpja4iBnaDNJbfNOMaNglLyIZTVnWhsczrUHXy4Du7JGhKipWssfzZsISuUcoSnxsRWsvQVbH4-K0QqmdRWpOOUZitq-iu80fRtcj3yJKSubSfMyws2sOolMK3rLR8WY4LabO_8UhHQRcnTjz_9UvHv3FUvfvvAqF9yClsxMnT05udatNO_ptUrHk-8C_ODDx0PxsJHVqsJahgaXZ4yGKBF89XZgJ1Q4nU-hz7V72Yk5-CAH2GPSrcboJvIjOhOSSo7r5S5mGcd5hjJsG9K5uyPxs8NeJPp1r8ND61ux_oD9PoS-meQaPI50xwfqQrQfdEDs-shAKWCUjnGT_ZudXTH36K6R-9R9OvueDY3OnwI4UA5jS6NohW2KtDhGOw=w320-h200-k" width="200" height="66" alt="ardc.edu.au" style="width: 200px; height: 66px; color: rgb(29, 30, 42); font-family: Arial, Helvetica, sans-serif;"></a></td></tr></tbody></table></td></tr><tr><td valign="top" style="padding:25px 0px 0px;border-width:0px;border-style:initial;border-color:initial"><table cellpadding="0" cellspacing="0" border="0" style="background:none;border:0px;margin:0px;padding:0px"><tbody><tr><td valign="top" style="padding:0px 12px 20px 0px;border-width:0px;border-style:initial;border-color:initial"><img src="https://lh3.googleusercontent.com/w4V8Osu0QNOl62CfxqjvlCn8w82UcqLZn_15yM8cbSVIqhIt0lm34n7wr2PSr5pMtPggb_oGZuxUj9enUeoT4lQOywiFxcPxFYMUXG_Q9oAqwXzuOmAVlHcCTQBcI2h18W0R3jzzslH_wsnrFuU4jTKXCsWsc8MKlR73WfEnyhR0lzs23zmUO8CO1uVM-AfcOd5jCT4n2vhpdzBx6S7slFPNUn74SQJaIOC_yh3-MM0R4NgJ5L5Qgv2I1JJkP_evDjSY205-EUavuFpMiSTsRSl5PWT0l9HL81x3b8OhpiVr6TGJOpKUbMOvD_JkjijKzJTjySfjDywrfo1ZeRnyHKDt8YBY7cQlIAYmhyGC3CFqYrrurwtch3_BcNPKe96bnimHddlJJ4gbi0IPGAXeEyyQAe05TTSSmu3Rdyd9NLQDTxRpHdS-moDsuaZle-6gBuXlkGfmdiuSMX2nokjyL1bih1uDW0rOHWkSL_G1WheJ0pPJdkS9J56QOLtO3YxE6lSizKq7ifTuECHx5eBJA-x0zhdkBpV1Q2iCgLeDetRE1QkiwHtrxjdFA2N3FfmSZcP6D17kePxxaFx6n_8NNmgtDw=w320-h200-k" width="68" height="49" style="color: rgb(102, 102, 102); font-size: 12px; font-family: Arial, Helvetica, sans-serif;"></td></tr></tbody></table></td></tr><tr><td valign="top" style="padding-bottom:5px;padding-left:0px;padding-right:0px;border-width:0px;border-style:initial;border-color:initial"><table cellpadding="0" cellspacing="0" border="0" style="background:none;border:0px;margin:0px;padding:0px"><tbody><tr><td valign="top" style="padding:0px 12px 0px 0px;border-width:0px;border-style:initial;border-color:initial"><a href="https://twitter.com/ands_nectar_rds" target="_blank"><img src="https://lh3.googleusercontent.com/mq9gMXdFq5POuTV9v9pdedYaKS4kCOCpaBr2dtZjIqtejxtE4-M8lrMCjXAzh5ZteRRmLcuNgJTDEbZ6Qd8PeinVqIw_5a3_SsjAWCMbihFF8bppWp3VfOimLjT3Krpg4MxpLoW9tHL_Qz0I1x6eOms_vQukMCpTK2rkKCGTGLKVmqFXBsT0ZvCZzjbGGJvTPnhdako3Rh9vE7N8MXth6guh2oaMeKN-7RRmIapEdZK_vIvq6zxsc8WRzGBKb6Yv6nJ51Qdvd-HBJXtRisu84j30OVs2sJpClZNqOf057EVHOvsN9FH44Pog_WK_0zVZS0XRgIye_pcnnUvV5UxPH9nGZvVY4mB0XlK0a8SSuhbXgNW0vckjqfl_a3oVA3YynREr2pWTS77ZxI8YUDxgEevCrIkF9jCrzn0Yr_9xmWKaWSgXnOaSfv9P-BuF1eQMLBty84TAE-69L6NwVTVzPJ6L9H8Caq3x5S3Rs85xQIeumxk_pzP4GAGmIlHHMVKxeQWDiHgmlN8QwykHu3F3vgHTG74uyVreg5-3BmxvYyIs28I_cp2OMYBBFWfBvcCbZNk9gNfPtc9SyVnacNeHcx9C5Q=w320-h200-k" width="16" height="16" style="color: rgb(102, 102, 102); font-size: 12px; font-family: Arial, Helvetica, sans-serif;"></a></td><td valign="top" style="padding:0px 12px 0px 0px;border-width:0px;border-style:initial;border-color:initial"><a href="https://www.youtube.com/user/andsdata" target="_blank"><img src="https://lh3.googleusercontent.com/Niao3q9A99V4w1LhlPKvWWbzBQeEjiQWKPjnohFU37VH4J50eGVESL2y_AoW_M1XEKndyDIqQCtQPc4x0_5_Q4h9rs3ISDpta-VwHYW-eEnHDDb1KidNlTdFUG-7H7ctfM6JZXeF1SWXQh94euRGGnzOII2YW3_fqqCia6PujJH3fVNkEmoruNkDxbdz36GT3FegLEpaIm4Mb4U_BKbls47e_HkLXiq921tY4ElztauY_3ATt2BwhxkRnfgn_GOagslNoLwVnAjuEx25K0H7IHZHTiQjh4KztfGPj75BotkvmyvFrbgVbUPu7vhM6N2UjZ5W_ohOPWz7QzTRl_oSjZMbv1YMvTzvVFY91tHFnJbiTx8gMh1BIdg2tjI3GedntKhgDn_6Jum0mhNhjdkwf3f7RQScwbKwYloDIGBMNzIjlD5m7mqd8Dn6aQ095ulzm6yAKUAwecVrixCPpKM3qK45-_O04vlP9pNJoXoLTXlCLIZ-rAEp7wwAX7my3g0VOk0ZqH8OJoFfR67yr0MoTlooRBiTmsbxH93MBPgU7gaaGAkuFzBY-Xhpvmi5vXy7Im0wEaO43WpWs3NhX_WYSYSjTQ=w320-h200-k" width="16" height="16" style="color: rgb(102, 102, 102); font-size: 12px; font-family: Arial, Helvetica, sans-serif;"></a></td></tr></tbody></table></td></tr><tr><td valign="top" style="padding:10px 0px 0px;border-width:0px;border-style:initial;border-color:initial"><table cellpadding="0" cellspacing="0" border="0" style="background:none;border:0px;margin:0px;padding:0px"><tbody><tr><td style="padding-bottom:5px;padding-right:12px;color:rgb(102,102,102);font-size:10px;font-family:Arial,Helvetica,sans-serif;font-style:italic;line-height:13.5px">ARDC acknowledges the Traditional Owners of the lands <br>that we live and work on across Australia and pays its respect <br>to Elders past and present.</td></tr><tr><td style="padding-bottom:20px;padding-right:12px;color:rgb(102,102,102);font-size:10px;font-family:Arial,Helvetica,sans-serif;font-style:italic;line-height:13.5px">Please consider the environment before printing this e-mail.</td></tr></tbody></table></td></tr></tbody></table></div></div></div></div></div></div></div>