Hello there! I'm HacKan, and currently a new pass user. However, I've been following development for a while, I like it.
I noticed the repo site doesn't have an issue tracker, and I would like to propose two additions to pass: a way to add files (text or binary) to the storage and a way to certify items in the storage. Currently, to achieve the first I gpg'ed the file manually and output the result inside pass storage dir, but it's rather inconvenient. Something like pass insert <pass-name> <filepath> would be better. For the second, I noticed that from commit ff62f87f41557ab7267defab662324927301485a <https://git.zx2c4.com/password-store/commit/?id=ff62f87f41557ab7267defab662324927301485a> there's an option to sign files. I'm not sure how do you plan to implement such feature, if signing items individually and then verifying prior use, but I was thinking that an easy way to do it is simply mantain a /signed/ SHA512SUMS file on the root of the pass dir, and update it during insertions or modifications. This allows to ensure each item's authenticity, and also backwards compat since implementing it on an older "database" is pretty easy. Let me know of your thought on those ideas, if there's another place to put them instead of this mailing list, and also if I should clarify/expand them. Cheers, -- HacKan || Iván GPG: 0xECF0573B1C9B59E8
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
