On 2019-01-10 11:49, Stephen Connolly wrote:
That would meen, though, that the PMC would need to re-encrypt the file
every time the PMC changes or any time a PMC member loses their GPG key
Note to self: e.g. see
http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/
for example of how to encrypt a file for multiple recipients.
A even trickier situation is when there's no recipient left (because
went emeritus, death, ..) to decrypt the credentials. :-) It's wise to
add new pmc members to recipients as soon as the new pmc member arrives.
