On 9 December 2015 at 15:26, Uwe Kaminski <[email protected]> wrote: > What still keeps problematic is when using git the history contains > also encrypted files that are encrypted by a key that was "revoked" > later on. >
What you are implicitly asking for isn't possible under pass's model and I'm not sure that it's even useful. If someone's access to a secret is revoked you must always rotate that secret at the same time, because you can't be sure that they don't have a local copy of the secret outside the storage system. I don't think there's any getting round that. -Ben
_______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
