Re: Encrypted repositories

2012-09-07 Thread David Aguilar
On Fri, Sep 7, 2012 at 8:34 PM, Enrico Weigelt wrote:
>
>> > Well, everybody can access the objects, but they're encrypted,
>> > so you need the repo key (which, of course isn't contained in
>> > the repo itself ;-p) to decrypt them.
>>
>> So, in short, blobs are not encrypted with the hash of the

Re: Encrypted repositories

2012-09-07 Thread Enrico Weigelt
> > Well, everybody can access the objects, but they're encrypted,
> > so you need the repo key (which, of course isn't contained in
> > the repo itself ;-p) to decrypt them.
>
> So, in short, blobs are not encrypted with the hash of their
> contents as encryption keys at all.

No, the blobs are

Re: Encrypted repositories

2012-09-06 Thread Junio C Hamano
Enrico Weigelt writes:

>> Enrico Weigelt writes:
>>
>> > * blobs are encrypted with their (original) content hash as
>> > encryption keys
>>
>> What does this even mean?
>>
>> Is it expected that anybody who has access to the repository can
>> learn names of objects (e.g. by running "ls .gi

Re: Encrypted repositories

2012-09-06 Thread Enrico Weigelt
Hi,

> Enrico Weigelt writes:
>
> > * blobs are encrypted with their (original) content hash as
> > encryption keys
>
> What does this even mean?
>
> Is it expected that anybody who has access to the repository can
> learn names of objects (e.g. by running "ls .git/objects/??/")? If
> so, fro

Re: Encrypted repositories

2012-09-05 Thread Junio C Hamano
Enrico Weigelt writes:

> * blobs are encrypted with their (original) content hash as
> encryption keys

What does this even mean?

Is it expected that anybody who has access to the repository can learn names of objects (e.g. by running "ls .git/objects/??/")? If so, from whom are you protecting

Encrypted repositories

2012-09-05 Thread Enrico Weigelt
Hi,

I'm currently planning to implement strong encryption in git (not like gitcrypt, but with encrypted blobs, directories, etc, directly in the core).

The idea goes like this:

* blobs are encrypted with their (original) content hash as encryption keys
* directory objects only hold randomiz