On Wed, Jan 08, 2014 at 12:40:38PM -0800, Bryce Harrington wrote:
> On Wed, Jan 08, 2014 at 08:59:48PM +0100, Johan Engelen wrote:
> > I don't know how other projects solve this problem. To me it sounds like a good topic for asking the Conservancy.
> Poking around, looks like a common approach is to stick a gpg encrypted file into a git repository, using each person's gpg key when signing it. That way everyone has their own private password for accessing the data, and adding or removing a person just involves re-encrypting it and adding or dropping them from the signatures list.
> Simple explanation: http://blog.bogosity.se/2011/01/12/managing-passwords-using-gnupg-git-and-em...
> More detailed: https://enter2exit.wordpress.com/2011/03/01/managing-passwords-with-vimgpggi...
> The Debian project uses a variation on this, which uses 'subkeys': https://wiki.debian.org/subkeys
> I experimented with this (via the first link) and it looks straightforward enough, at least once you have your gpg key set up. We'd just need to do a key exchange with each other to start.
> Bryce
Since there have been no objections I've decided to experiment a bit more with this, and set up a bzr repo at lp:~inkscape.admin/+junk/admin-docs with the gpg encrypted password file.
There's a README in there with some directions sketched in if anyone wants to follow along with me.
Bryce
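As an added illustration of the scheme sketched in the quoted message (not the README from the admin-docs repo, and not code from any of the linked posts), the script below walks through the whole lifecycle with two throwaway GnuPG identities: key exchange, encrypting one password file to both members, and re-encrypting to the remaining member when one leaves. It assumes GnuPG 2.1 or later on the PATH; the names alice and bob, the example.invalid addresses and the sample password line are all constructed for the demo.

```shell
#!/bin/sh
# Added demo of the thread's scheme: one password file encrypted to every member's
# public key, re-encrypted whenever someone is added or removed. Each "person" gets a
# separate GNUPGHOME to mimic separate machines. Hypothetical names; passphrase-less
# throwaway keys are for this demo only, never for real team keys.
set -eu
command -v gpg >/dev/null || { echo "gpg not installed" >&2; exit 1; }
WORK=$(mktemp -d)
cleanup() {  # stop the per-person agents, then delete the scratch keyrings
    for p in alice bob; do GNUPGHOME="$WORK/$p" gpgconf --kill gpg-agent 2>/dev/null || true; done
    rm -rf "$WORK"
}
trap cleanup EXIT

as_user() {  # as_user NAME gpg-args...   run gpg against NAME's own keyring only
    name=$1; shift
    GNUPGHOME="$WORK/$name" gpg --batch --yes --quiet --trust-model always "$@"
}
make_key() {  # make_key NAME   generate NAME's keypair in NAME's own keyring
    mkdir -p -m 700 "$WORK/$1"
    as_user "$1" --pinentry-mode loopback --passphrase '' \
        --quick-generate-key "$1 <$1@example.invalid>" default default never
}
import_pubkey() {  # import_pubkey NAME OTHER   the "key exchange" step
    as_user "$2" --export "$2@example.invalid" | as_user "$1" --import
}
encrypt_for() {  # encrypt_for ENCRYPTOR PLAINTEXT OUTPUT RECIPIENT...
    who=$1; src=$2; out=$3; shift 3
    rcpts=""; for r in "$@"; do rcpts="$rcpts -r $r@example.invalid"; done
    as_user "$who" $rcpts -o "$out" --encrypt "$src"   # this blob is what goes in the repo
}
can_read() {  # can_read NAME FILE EXPECTED   0 only if NAME decrypts FILE to EXPECTED
    got=$(as_user "$1" --decrypt "$2" 2>/dev/null) || return 1
    [ "$got" = "$3" ]
}

demo() {
    secret='wiki-admin: hunter2'                       # constructed sample entry
    printf '%s\n' "$secret" > "$WORK/passwords.txt"
    make_key alice; make_key bob
    import_pubkey alice bob; import_pubkey bob alice
    encrypt_for alice "$WORK/passwords.txt" "$WORK/passwords.gpg" alice bob
    can_read bob "$WORK/passwords.gpg" "$secret" || return 1    # both members can read
    # Bob leaves: Alice re-encrypts to the remaining keys and commits the new blob.
    encrypt_for alice "$WORK/passwords.txt" "$WORK/passwords.gpg" alice
    can_read alice "$WORK/passwords.gpg" "$secret" || return 1
    can_read bob "$WORK/passwords.gpg" "$secret" && return 1    # Bob is locked out
    return 0
}
if demo; then DEMO_RC=0; echo "OK: re-encryption revoked Bob's access"; else DEMO_RC=1; fi
```

Re-encrypting only stops a departed member from reading future versions of the file; anything they could already decrypt (including old revisions in the repository history) they have already seen, so the passwords themselves still need rotating when someone leaves.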