Add/remove recipient without re-encrypting
mailinglisten at hauke-laging.de
Thu Feb 3 16:07:50 CET 2011
Am Donnerstag 03 Februar 2011 15:38:12 schrieb Alphazo:
> Is it possible to add or remove a recipient to an already encrypted file
> and thus without re-encrypting the whole file?
Not an answer but a proposal:
I have read this question several times on this list. I know that this is
possible today but complicated (and AFAIK not part of the gpg documentation).
I prefer an easy solution within gpg. Thus I suggest the feature that
recipient packets can be stored in a seperate file. Thus only a small file has
to be changed (extended or partially erased).
A solution with better compatibility would be: The session key of the content
file is the encrypted content of the recipients file. Thus implementations
with a feature like --override-session-key can still access the content file
(with some manual assistance) if they don't support such an extension file.
That could look like this:
gpg --encrypt --recipient 11111111 --recipient 11111112 file.txt
would change to
gpg --encrypt --recipient 11111111 --ext-rec-file --recipient 11111112 \
with all recipients given after --ext-rec-file (or --ext-rec-file=filename)
being written to the extension file.
If this is not implemented and we stick to "you would need to write the tool
yourself" then it might be helpful to add the option to write some dummy
recipients (just to have enough space in the file which can be overwritten).
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 555 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users