[ericfrederich]

Hmm... adding access controls to Git? I'm not sure how I feel about this. I like how Git is low level and stays away from all of that stuff leaving it up to wrappers like GitLab, GitHub, Gerrit, etc.

When you remove someone from the list of users does it have to go and re-write history? Isn't that a big no-no in Git?

[apetresc]

I have nothing to do with this project, but I think the answer to your question is no - you don't have to re-write history. If the removed party had access to previous revisions signed with his key, they're already "compromised" as far as security is concerned. Whether or not you rewrite history, he already has it.

The re-encryption they're referring to is presumably just to protect future revisions (since you would ideally rotate all keys they had access to, git-secret or not, and publish new ones right away).