pull/207/head
Simon Massey 6 years ago
parent 1127892252
commit 2cef2a337f

@ -28,7 +28,7 @@ GPG maintains backwards compatibility but not forwards compatibility. Running a
git-secret will move away from using the keyring format as shared storage of public keys. Instead it will store public keys as exported keys in ASCII armor format. The public key export format is stable and forwards compatible. GPG users will typically be running different GPG or PGP versions and are able to exchange keys successfully. Any future bugs that effect git-secret's ability to use the exported public keys will affect typical GPG or PGP key exchange usage. Such bugs are likely to be caught and fixed by the wider opensource community.
git-secret may need to store and process meta-data about keys to make it efficient to work with keys that are stored witin individual files. It will use the machine-readable ["colon listings format"](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS) for this purpose.
git-secret may need to store and process meta-data about keys to make it efficient to work with keys that are stored within individual files. It will use the machine-readable ["colon listings format"](https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob_plain;f=doc/DETAILS) for this purpose.
It is anticipated that `bash` and `gawk` will be sufficient to be able to use the new shared key storage format efficiently.
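Review bot: the `witin` fix is correct, but the unchanged context in this hunk still carries errors the same commit should pick up: in the first paragraph `effect git-secret's ability` should be `affect`, and `opensource` is normally written `open source`. The forwards-compatibility claim in that paragraph also needs a caveat in the text: the OpenPGP export format is stable, but a key using an algorithm the importing GPG does not implement (an ECC key imported into GPG 1.4, for instance) will still fail to import, so storing exported keys narrows the version-skew problem rather than removing it. Suggest: `Any future bugs that affect git-secret's ability to use the exported public keys will affect typical GPG or PGP key exchange usage.`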
@ -36,14 +36,14 @@ It is anticipated that `bash` and `gawk` will be sufficient to be able to use th
The new storage format will be implimented as follows:
1. Keys will be stored in `~/.gitsecret/keys` in `gpg --armor --export` format. The use of ASCII armour rather than binary format is to make debugging of key issues easier. The filename of the key will `<keyid>.pub.gpg` (using Field 5 the "64-bit keyid" of the colon listings format)
1. Keys will be stored in `~/.gitsecret/keys` in `gpg --armor --export` format. The use of ASCII armour rather than binary format is to make debugging of key issues easier. The filename of the key will be `<keyid>.pub.gpg` (using Field 5 the "64-bit keyid" of the colon listings format)
1. Key meta data will be stored alongside the key file in the `gpg --keyid-format long --with-colons` format. The file name will be `<keyid>.gpg.colon`
1. A folder `~/.gitsecret/cache` will be added to `.gitignore`. At this location, a public keyring will be maintained on a per user bases and it won't be shared by users. This is simply a "local cache" of the keys used to encrypt files.
1. A folder `~/.gitsecret/cache` will be added to `.gitignore`. At this location, a public keyring will be maintained on a per user bases and won't be shared between users. This is simply a "keyring cache" of the keys used to encrypt files.
git-secret-tell will:
1. Scan the set of `*.gpg.colon` files to find all currently told identities. If the told identity is in the list do nothing.
1. If the told identity isn't listed run `gpg --armor --export` against the users `$HOME` keyring. Run `--keyid-format long --with-colons` of the exported key. Then create the two new files `<key-id>.pub.gpg` and `<key-id>.gpg.colon` in `~/.gitsecret/keys`
1. Scan the set of `*.gpg.colon` files to find all currently told identities. If the given identity is in the list do nothing.
1. If the given identity isn't listed run `gpg --armor --export` against the users `$HOME` keyring. Run `--keyid-format long --with-colons` of the exported key. Then create the two new files `<key-id>.pub.gpg` and `<key-id>.gpg.colon` in `~/.gitsecret/keys`
Note that the additional steps to ensure that older versions of git-secret know about the newly told user will be outlined below.
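Review bot: the two rewritten `git-secret-tell` steps still never name the command that produces the `.gpg.colon` file: `Run --keyid-format long --with-colons of the exported key` has no `gpg` verb, and `--with-colons` is a listing option, so the step should read something like `gpg --list-keys --keyid-format long --with-colons <id>` (or, if the exported file rather than the keyring is to be listed, `gpg --with-colons --import-options show-only --import <keyid>.pub.gpg` on newer GPG). Two further points in this hunk: naming the files by the 64-bit key ID (Field 5) means two told keys with a colliding long ID would silently overwrite each other, so the fingerprint (`fpr` record) is the safer file name, and `~/.gitsecret/keys` and `~/.gitsecret/cache` read as home-directory paths while the text treats them as repository paths that are added to `.gitignore` and shared between users; if the repository's `.gitsecret/` directory is meant, drop the `~/`. Remaining typos: `implimented` in the context line, `users $HOME keyring` should be `user's`, and the rewritten cache item still says `per user bases` rather than `per-user basis`.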
@ -129,7 +129,7 @@ To maintain forward compatibility the approach requires the existing logic to ke
What other designs have been considered? Unknown.
What is the impact of not doing this? Team members are locked out of secrets when only one other team member upgrades GPG. This can go undetected until the victim needs the secrets in a hurry for production support. Bad things then happen.
What is the impact of not doing this? Team members are locked out of secrets when only one other team member upgrades GPG. This can go undetected until the victims needs the secrets in a hurry for production support. Bad things then happen.
## Unresolved questions
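Review bot: the rewrite introduces a grammar regression: `the victims needs the secrets` pairs a plural subject with a singular verb, whereas the original `the victim needs the secrets` was correct and should be restored (or, if plural is intended, `the victims need the secrets`). Separately, `What other designs have been considered? Unknown.` in the context line leaves the alternatives section empty; at least the obvious alternative, continuing to share the keyring file and requiring everyone to run the same GPG version, should be named so the trade-off is on record.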
