Anyone can add GPG keys to a git-chat space, including untrusted keys. If someone added a public key to a git-chat space for a third party that isn't trusted, that third party might be able to read messages (git-chat-message includes all recipients by default).
Regularly checking to see if new keys were added, and looking through them carefully, before writing each message can be annoying. Even more annoying is typing a (trusted) list of recipients at the command line whenever you write a message.
I propose that we add support for reading from a .trusted-keys file to filter message recipients. User's can add fingerprints that they trust to this file, and only those keys will be used when composing messages. The file should be located in .git/.
We will want to document this too, in git-chat.1 and git-chat-message.3.
brandon1024
commented
3 years ago
Anyone can add GPG keys to a git-chat space, including untrusted keys. If someone added a public key to a git-chat space for a third party that isn't trusted, that third party might be able to read messages (git-chat-message includes all recipients by default).
Regularly checking to see if new keys were added, and looking through them carefully, before writing each message can be annoying. Even more annoying is typing a (trusted) list of recipients at the command line whenever you write a message.
I propose that we add support for reading from a
.trusted-keysfile to filter message recipients. User's can add fingerprints that they trust to this file, and only those keys will be used when composing messages. The file should be located in.git/.We will want to document this too, in git-chat.1 and git-chat-message.3.