On Thu, Mar 13, 2008 at 01:16:44PM +0100, Miklos Vajna wrote:
quoted text
> On Thu, Mar 13, 2008 at 12:55:11PM +0100, Johannes Schindelin <Johannes.Schindelin@gmx.de> wrote:
> > The latter can be remedied (somewhat) by encrypting each object 
> > individually.  In that case, .gitattributes can help (you should be able 
> > to find a mail to that extent, which I sent no more than 2 weeks ago).  
> > However, you must make sure that the encryption is repeatable, i.e. two 
> > different encryption runs _must_ result in _identical_ output.
> 
> afaik, this is not the case for gpg.

No, and you wouldn't want to use gpg because of the overhead it adds
around an encrypted message.  You would need to use a raw encryption
algorithm, or one with very minimal wrapping.  It's normally at this
point that that you'd need to bring in a security expert to ask a
whole lot of questions about your exact use scenario, do a formal
threat analysis, since there are all sorts of unanswered questions
about what kind of key management solution you really need for your
situation.

It's usually not as simple as "just encrypt it".  How many people need
to have access to the to the repository?  Do you need to revoke access
to the repository later?  Who is allowed to give a new person access
to the repository?  etc., etc., etc.

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html