On Thu, Jan 10, 2019 at 4:58 AM Dominik Psenner <dpsen...@gmail.com> wrote:
> On 2019-01-10 11:49, Stephen Connolly wrote: > > That would meen, though, that the PMC would need to re-encrypt the file > > every time the PMC changes or any time a PMC member loses their GPG key > > > > Note to self: e.g. see > > > http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/ > > for example of how to encrypt a file for multiple recipients. > > A even trickier situation is when there's no recipient left (because > went emeritus, death, ..) to decrypt the credentials. :-) It's wise to > add new pmc members to recipients as soon as the new pmc member arrives. > Should anything along these lines be chosen, this wouldn't be a problem. Infra would be one of the multiple recipients and/or we could easily generate new credentials when the old creds are lost to stagnation. Cheers, -g
