James Murty

Hi, I don't think there is an easy way to apply multiple `filter` etc options on the same file. Doing this would involve carefully chaining the two separate tools so...

I think the best approach for handling this situation would be for transcrypt to switch to using the more secure `-pbkdf2` and `-iter` options by default, but in a way...

That is a good point that we should expect users to simply add a newer version of OpenSSL to their path once they have gone to the trouble of installing...

That's a very good point. A single repo-wide cipher setting in the Git config's `[transcrypt]` section would indeed be much simpler than per-file settings. Thinking through the repercussions, the possible...

Since we haven't any progress on this issue in months or years, maybe it's time to consider a simple but brutal solution instead of anything that's more elegant but complicated...

Hi, this is an interesting discussion especially given the (slow) work in #126 to adopt PBKDF2 for a future update to Transcrypt. I'm not a cryptographer so am out of...

Ah, random data won't work: https://github.com/elasticdog/transcrypt/blob/fdf81c53f0ad27651e03a67ea732b164d209e948/transcrypt#L115-L120

I _think_ the salt generation process is secure (enough) because the salt isn't derived from just `"${filename}:${password}"` it also hashes the contents of the plaintext file. To brute-force the password...

Hi, we don't yet have a solution to support PBKDF2. The most progress is in this PR, which is in turn based on other PRs and discussions: https://github.com/elasticdog/transcrypt/pull/136 But there...

Hi @andreineculau, @dawidmachon, @LuisBL, @andersjel and anyone else who might be interested in being a guinea pig, I'd appreciate help testing and proving the new PR #162 which adds support...