[pass] Possible improvements
al at megamicron.net
Sat Jan 23 18:38:36 CET 2016
How does the key sharing work?
> On Sat, Jan 23, 2016, at 12:05 PM, Matthew Monaco <matt at monaco.cx> wrote:
> You're asking for a different project.
> On 01/23/2016 07:03 AM, Dashamir Hoxha wrote:
>> Why do you use asymmetric encryption (public/private keys).
>> I think that symmetric encrypion is easier, stronger, and simpler
>> (you don't need to generate and maintain a key, all you need is
>> a passphrase). It can be done with `gpg -c ...`.
> I use my smartcard for the crypto, can't do that with only symmetric. I also
> share some keys with my wife, can't do that without sharing the password.
>> Second issue: I think that it is not good that the structure of
>> directories, subdiretories and files is visible and unencrypted,
>> because it does give out some information about which sites
>> you are using. Is it not possible to create an archive (tar) file
>> of this directory and to encrypt this archive file? Then you can
>> decrypt it when you need to change or read something.
> There's been a lot of discussion here about this. It would be nice, but it would
> kill a really nice feature: the automatic git change history. You can put a
> wrapper around pass that stores everything in an encrypted block device, or use
> encfs, ...
>> Password-Store mailing list
>> Password-Store at lists.zx2c4.com
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
More information about the Password-Store