On Fri, Sep 09, 2011 at 12:05:00PM -0700, Junio C Hamano wrote: > Jeff King <peff@xxxxxxxx> writes: > > >> B) Keep blobs encrypted, checkout decrypted > >> - Use Use "*.gpg filter=gpg" in your attributes and > >> [filter "gpg"] > >> smudge = gpg -d > >> clean = gpg -e -r yourgpgkey > >> in your config. > >> > >> I use A on a regular basis. B is untested (but patterned after a similar > >> gzip filter I use). You may or may not have better results with "gpg -ea". > > > > Yeah, I think that would work but have never tried it either. > > Unless "gpg -e" encrypts the same cleartext into the same cyphertext every > time, the above "clean" filter probably wouldn't be very useful. Ah, right, I remember now running into that at some point. You could get around that by using a symmetric cipher in block mode, or with a non-random IV, but then you're opening yourself up to some cryptanalytic attacks. -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html