From 8b25136ac49a09e08cda782605700f8e3e10d3b7 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Fri, 29 Jul 2016 12:23:35 -0700
Subject: updated README

---
 README       | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 apple/README | 26 ++++++++++++++++++++++++++
 2 files changed, 80 insertions(+)
 create mode 100644 README
 create mode 100644 apple/README

diff --git a/README b/README
new file mode 100644
index 0000000..67d2a50
--- /dev/null
+++ b/README
@@ -0,0 +1,54 @@
+Usage summary
+-----------------------------------------------
+
+    git pull
+    gpg -d file.gpg > file.txt
+    edit file.txt
+    rake file.gpg
+    rm file.txt
+    git commit file.gpg
+    git push
+
+Makefile configuration
+-----------------------------------------------
+
+    user1 := <key id>
+    user2 := <key id>
+    user3 := <key id>
+    files := file1 file2
+    file2_readers := user1 user2
+    file2_readers := user2 user3
+
+Details
+-----------------------------------------------
+
+The Makefile will encrypt certain files to the right people.
+
+usage: "make foo.gpg" will encrypt foo.txt
+
+* If unencrypted file exists and is newer than the encrypted, it will
+  encrypt it.
+* If the unencrypted file exists and is not newer than the encrypted, it
+  will report "up to date" and won't encrypt it
+* If the unencrypted file doesn't exist, it will say you are dumb.
+ 
+If you don't have one of the keys needed for encrypting:
+
+   gpg --recv-keys <fingerprint>
+   gpg --fingerprint --keyid-format long <fingerprint>
+
+IT IS IMPERATIVE THAT YOU VERIFY THE FINGERPRINT.
+gpg does not verify the fingerprint when you run --recv-keys.
+
+To add additional files to be encrypted:
+
+   files          := file_a file_b
+   file_a_readers := user1 user2
+   file_b_readers := user3 user4
+
+Files should be named without their suffix. The actual source file must
+always end in .txt, and the encrypted file will always end in .gpg.
+
+After you change the x_readers list for a file, you will need to run
+`touch x.txt` in order for `make` to encrypt `x.gpg`.
+
diff --git a/apple/README b/apple/README
new file mode 100644
index 0000000..4ab3039
--- /dev/null
+++ b/apple/README
@@ -0,0 +1,26 @@
+This directory holds Apple developer certificates, and the corresponding
+public/private keys.
+
+For example:
+
+  certname.cer     -- The final certificate signed by Apple.
+
+  certname.csr     -- The Certificate Signing Request, generated
+                      with the Mac app "Keychain Access".
+                    
+  certname.key.p12 -- The private key for this certificate,
+                      created when the CSR is created.
+                      exported from "Keychain Access".
+                    
+  certname.pub.pem -- The public key for this certificate,
+                      created when the CSR is created,
+                      exported from "Keychain Access".
+
+The certificates:
+
+leap-developer-id-application
+  This is used for distributing the application outside the app store.
+
+leap-developer-id-installer
+  This is used for distributing an installer outside the app store.
+
-- 
cgit v1.2.3