Re: org-crypt ?

[David Masterson <dsmasterson@gmail.com>]

Tim Cross <theophilusx@gmail.com> writes:

> David Masterson <dsmasterson@gmail.com> writes:
>
>> I think I've gotten org-crypt working, but I think some things are not
>> making sense (it might be just me):
>>
>> 1. I've set org-crypt-key to nil (symmetric encryption).
>> 2. Can I use a different encryption key for each encrypted paragraph?
>> 3. Does org-encrypt only ask for the key the first time?
>> 4. Does org-decrypt only ask for the key the first time?
>> 5. How do they know where to get the password when they don't ask?
>> 6. Shouldn't org-crypt docs in org manual have examples?
>> Does this make sense -- I think I'm messing something up.
>
> Warning: I have not used org-crypt for many years. These days, I just
> use a .org.gpg extensions and symmetrically encrypt the whole file.
> However, I think I can probably answer some of your questions -

Hmm, two questions that this brings up:

1. Do you access your files on (say) iPhone?
2. Do you store your files in Git (say Github)?

>> 2. Can I use a different encryption key for each encrypted paragraph?
>
> According to the manual -
>  
> No, not with symmetric encryption. I think this can only work with
> asymmetric encryption.

This needs to be spelled out better.

> If your using symmetric encryption, you typically just have one key for
> all the data within the file. From the gnuPG perspective, this is just
> encrypted text. It does not 'know' about different paragraphs. To have
> different encryption with each paragraph, you would need to specify
> different keys and there is no mechanism to do that with symmetric
> encryption only asymmetric.

org-(en/de)crypt ??

Hmm, you're suggesting you don't use org-(en/de)crypt.  The manual
doesn't spell out very well how to do that.  Where do you put your key
for symmetric encryption?

> What is your use case where you need multiple symmetric encryption keys
> in one file?

One broken key doesn't give up the whole file.

>> 6. Shouldn't org-crypt docs in org manual have examples?
>
> Probably, though I don't know what else you would put in there which
> isn't already there. Feel free to supply a PR or patch once you have
> worked it out. However, as noted in the commentary section, org-crypt.el
> is really a very light-weight wrapper around functions in epg.el, so
> likely the first place to start when looking for documentation and
> examples is the epa/epg/easyPG manual

Not good at writing these days, buy I'll consider.

-- 
David Masterson