go-passbolt icon indicating copy to clipboard operation
go-passbolt copied to clipboard
verified publisher icon passbolt

Trusting new Metadata Keys

Open speatzle opened this issue 9 months ago • 0 comments

Blocked by #29

New Metadata Keys need to be "trusted" by the client by downloading and rencrypting them with the users regular gpg private key.

New Metadata keys can be created when rotating keys. (also for brand new accounts)

  • Add function to Trust a new Key. PUT /metadata/keys/private/.json
  • Account for metadata key in account Setup helper
  • TBD: Add Check to Verify that a old compromised key isn't replayed (check date against current metadata key?)
  • TBD: Allow for pinning Metadata keys?
  • TBD: Allow for autotrusting new keys? Automatic skripts? Decreases Security!
  • Create go-passbolt-cli issue for new subcommand

speatzle avatar Mar 05 '25 15:03 speatzle