Tim Cross <theophil...@gmail.com> writes: > David Masterson <dsmaster...@gmail.com> writes: > >> I think I've gotten org-crypt working, but I think some things are not >> making sense (it might be just me): >> >> 1. I've set org-crypt-key to nil (symmetric encryption). >> 2. Can I use a different encryption key for each encrypted paragraph? >> 3. Does org-encrypt only ask for the key the first time? >> 4. Does org-decrypt only ask for the key the first time? >> 5. How do they know where to get the password when they don't ask? >> 6. Shouldn't org-crypt docs in org manual have examples? >> Does this make sense -- I think I'm messing something up. > > Warning: I have not used org-crypt for many years. These days, I just > use a .org.gpg extensions and symmetrically encrypt the whole file. > However, I think I can probably answer some of your questions -
Hmm, two questions that this brings up: 1. Do you access your files on (say) iPhone? 2. Do you store your files in Git (say Github)? >> 2. Can I use a different encryption key for each encrypted paragraph? > > According to the manual - > > No, not with symmetric encryption. I think this can only work with > asymmetric encryption. This needs to be spelled out better. > If your using symmetric encryption, you typically just have one key for > all the data within the file. From the gnuPG perspective, this is just > encrypted text. It does not 'know' about different paragraphs. To have > different encryption with each paragraph, you would need to specify > different keys and there is no mechanism to do that with symmetric > encryption only asymmetric. org-(en/de)crypt ?? Hmm, you're suggesting you don't use org-(en/de)crypt. The manual doesn't spell out very well how to do that. Where do you put your key for symmetric encryption? > What is your use case where you need multiple symmetric encryption keys > in one file? One broken key doesn't give up the whole file. >> 6. Shouldn't org-crypt docs in org manual have examples? > > Probably, though I don't know what else you would put in there which > isn't already there. Feel free to supply a PR or patch once you have > worked it out. However, as noted in the commentary section, org-crypt.el > is really a very light-weight wrapper around functions in epg.el, so > likely the first place to start when looking for documentation and > examples is the epa/epg/easyPG manual Not good at writing these days, buy I'll consider. -- David Masterson
