p̸h̴o̸⁴c̵e̴ₓa̵
helping someone set up passwordstore.org, my favorite password manager
it's basically pgp encrypted text files stored in git
so they need a gpg key
"wait so why do i have to give it my e-mail address?" they asked, concerned about privacy
🤔 huh.
now thinking pgp would be easier to implement/understand/use if the e-mail specific stuff was in a totally separate layer or wrapper from asymmetric keys and what you can do with them
p̸h̴o̸⁴c̵e̴ₓa̵
@technomancy understood, but was still concerned that if a the gpg public key were associated with a non-fake e-mail address, it's possible one might accidentally publish it to a keyserver or something
to set up passwordstore on my android phone it's necessary to run openkeychain and that program makes it quite easy to publish esp if you're flailing around not knowing how gpg works
(and that's all regardless of whether i keep passwordstore repos on storage i have physical access to)
tech? no! man, see...
@pho4cexa overall agreed, but re privacy concerns, half the point of passwordstore is that the data never needs to leave your machines. I just have git remotes across 3 different laptops and do `pass git pull --rebase other-laptop` to replicate the data around and none of it ever gets put on hardware I don't physically control.
Chirp! is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.
All Chirp! content and data are available under the Creative Commons Attribution 3.0 license.