Introduction and request

HacKan hackan at gmail.com
Thu Jan 26 16:12:20 CET 2017


Hello there! I'm HacKan, and currently a new pass user. However, I've
been following development for a while, I like it.

I noticed the repo site doesn't have an issue tracker, and I would like
to propose two additions to pass: a way to add files (text or binary) to
the storage and a way to certify items in the storage.

Currently, to achieve the first I gpg'ed the file manually and output
the result inside pass storage dir, but it's rather inconvenient.
Something like pass insert <pass-name> <filepath> would be better.

For the second, I noticed that from commit
ff62f87f41557ab7267defab662324927301485a
<https://git.zx2c4.com/password-store/commit/?id=ff62f87f41557ab7267defab662324927301485a>
there's an option to sign files. I'm not sure how do you plan to
implement such feature, if signing items individually and then verifying
prior use, but I was thinking that an easy way to do it is simply
mantain a /signed/ SHA512SUMS file on the root of the pass dir, and
update it during insertions or modifications. This allows to ensure each
item's authenticity, and also backwards compat since implementing it on
an older "database" is pretty easy.

Let me know of your thought on those ideas, if there's another place to
put them instead of this mailing list, and also if I should
clarify/expand them.

Cheers,

-- 
HacKan || Iván
GPG: 0xECF0573B1C9B59E8

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20170126/d8ea4b6a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 858 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20170126/d8ea4b6a/attachment.asc>


More information about the Password-Store mailing list