On Fri, Sep 7, 2012 at 8:34 PM, Enrico Weigelt <enrico.weigelt@xxxxxxx> wrote: > >> > Well, everybody can access the objects, but they're encrypted, >> > so you need the repo key (which, of course isn't contained in >> > the repo itself ;-p) to decrypt them. >> >> So, in short, blobs are not encrypted with the hash of their >> contents as encryption keys at all. > > No, the blobs are encrypted with their content hash as key, and the > encrypted blob will be stored with it's content hash as object id. > >> > For the usecases I have in mind (backups, filesharing, etc) this >> > wouldn't hurt so much, if the objects are compressed before >> > encryption. >> >> For that kind of usage pattern, you are better off looking at >> encrypted tarballs or zip archives. > > No, that doesn't give us anything like history, incremental > synchronization, etc, etc. > > What I finnaly wanna has is a usual git, just with encryption, > but I can live with loosing differential compression. Something like this? https://gist.github.com/873637 I've never tried it myself, who knows if it works, but google found it when I searched for "git clean smudge filter encryption". I hope that helps, -- David -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html