FiloSottile / age

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Home Page: https://age-encryption.org

UX: Identity should be consistent with Recipient

supermarin opened this issue · comments

commented

What were you trying to do

Trying to pass a value to identity stored in a variable. At the moment, RECIPIENT supports both -rR options and -i assumes a PATH instead of IDENTITY.

What happened

-i flag assumes a PATH.

$ age --help
... omitted ..
Options:
    -r, --recipient RECIPIENT   Encrypt to the specified RECIPIENT. Can be repeated.
    -R, --recipients-file PATH  Encrypt to recipients listed at PATH. Can be repeated.
    -i, --identity PATH         Use the identity file at PATH. Can be repeated.

What am I expecting to happen

$ age --help
... omitted ..
Options:
    -r, --recipient RECIPIENT   Encrypt to the specified RECIPIENT. Can be repeated.
    -R, --recipients-file PATH  Encrypt to recipients listed at PATH. Can be repeated.
    -i, --identity IDENTITY     Use the specified IDENTITY. Can be repeated.
    -I, --identity-file PATH    Use the identity file at PATH. Can be repeated.

This is a very intentional asymmetry. Arguments end up in shell histories and are visible in ps, they are not a good place for cryptographic secrets, so we restrict identities to being files.
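
The exposure described in the reply above, as an added example that is not part of the original thread or of age itself: it starts a stand-in process and checks whether a secret shows up in its argument list as any local `ps` would read it. It assumes Linux (`/proc`); `fake-tool` and the key value are constructed placeholders.

```shell
#!/bin/sh
# Constructed placeholder value; not a real age identity.
SECRET='AGE-SECRET-KEY-1EXAMPLEPLACEHOLDERNOTAREALKEY'

# Start a stand-in process with the given arguments, then report whether
# SECRET appears in its argv as exposed by /proc/<pid>/cmdline (the same
# data ps shows to other local users). Returns 0 if exposed, 1 if not.
secret_in_argv() {
    # 'sleep 3; :' keeps this sh alive as the process that holds the args.
    sh -c 'sleep 3; :' fake-tool "$@" >/dev/null 2>&1 &
    pid=$!
    sleep 1    # give the child time to exec before inspecting it
    seen=$(tr '\0' ' ' < "/proc/$pid/cmdline" 2>/dev/null) || seen=''
    kill "$pid" 2>/dev/null || true
    wait "$pid" 2>/dev/null || true
    case $seen in
        *"$SECRET"*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Identity value given directly on the command line, as the issue requests.
via_argument() {
    secret_in_argv -i "$SECRET"
}

# Identity stored in an owner-only file; only the path is an argument.
via_file() {
    keyfile=$(mktemp) && chmod 600 "$keyfile"
    printf '%s\n' "$SECRET" > "$keyfile"
    secret_in_argv -i "$keyfile"
    rc=$?
    rm -f "$keyfile"
    return "$rc"
}

via_argument && echo "argument: secret is visible in the process list"
via_file     || echo "file: only the path is visible in the process list"
```
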

commented

That's a good point. Would it make sense to at least change -i to -I?

In retrospect it might have made more sense, but I don't think it's worth the churn of changing it at this point. Also, a -I without a -i is confusing, too.