What does HackerNews think of passage?
A fork of password-store (https://www.passwordstore.org) that uses age (https://age-encryption.org) as backend.
The OP link is the spec, here's a few other things you might find interesting
- the Go reference implementation https://age-encryption.org
- the Go library docs https://pkg.go.dev/filippo.io/age
- the CLI man page https://filippo.io/age/age.1
- the large reusable test suite (which I should write about!) https://c2sp.org/CCTV/age
- an interoperable Rust implementation by @str4d https://github.com/str4d/rage
- a YubiKey plugin by @str4d https://github.com/str4d/age-plugin-yubikey
- the draft plugin protocol specification (which we should really merge) https://github.com/C2SP/C2SP/pull/5/files?short_path=07bf8cc...
- a Windows GUI by @spieglt https://github.com/spieglt/winage
- a discussion of the authentication properties of age https://words.filippo.io/dispatches/age-authentication/
- a discussion of a potential post-quantum plugin https://words.filippo.io/dispatches/post-quantum-age/
- a password-store fork that uses age instead of gpg https://github.com/FiloSottile/passage (see also: how I use it with a YubiKey https://words.filippo.io/dispatches/passage/)
(Yes I should make a website to collate all this.) Happy to answer any questions!
[0] https://github.com/FiloSottile/passage [1] https://passwordstore.org
My age+YubiKeys Password Management Solution — https://words.filippo.io/dispatches/passage/
The main feature is some protection against post-compromise exfiltration: even if an attacker fully compromises my laptop, they can't extract the whole vault.
[1]: https://github.com/FiloSottile/passage
And if you want to use Age encryption - https://github.com/FiloSottile/passage
It's pass with age-encryption instead of pgp.
Discussed here: https://news.ycombinator.com/item?id=29597729