[H-SASIG] Passwords and secrets
Greg Black
gjb at yaxom.com
Mon Dec 21 03:13:10 EST 2009
On 2009-12-21, Raymond Smith wrote:
> 2009/12/21 Greg Black <gjb at yaxom.com>:
> > And, on the subject of version control, I completely disagree
> > with Ray's idea of using a different system for this one file.
> > Whatever we decide to use (and I thought that decision had been
> > made in favour of Mercurial, but that's not important), we
> > should use it for everything. Whether it's RCS, Hg, Git, or
> > whatever, it will still be one file with its associated revision
> > control directory, and that can be put in a tar file and
> > encrypted quite easily.
>
> I don't care what version control system is used, but I strongly
> believe that commit messages should be encrypted.
Of course. That's what I suggested.
> I suggested RCS because I can see how we could easily encrypt the file
> and the commit history. Perhaps similar things are possible using
> Mecurial, but I am not familiar enough to know how we would go about
> encrypting a single file and its history.
But, since I had already said it was simple for all the revision
control systems I mentioned, surely that might have provided a
clue. I have checked. It is simple. In each case, there's a
directory in the same place as the file (.hg for Mercurial,
equally obvious names for the others) which contains all the
revision control data and history, etc. A tar backup of that is
extremely trivial.
> I also think that Daniel Devine's suggestion of not including this
> file at all in the "public" backup is a good one. That is it should
> only be in the pgp encrypted backup.
I thought that was already agreed, but of course it should be
handled that way.
Greg
More information about the Sasig
mailing list