diff options
author | Terry Chia <terrycwk1994@gmail.com> | 2015-03-26 08:56:28 +0800 |
---|---|---|
committer | Terry Chia <terrycwk1994@gmail.com> | 2015-03-26 08:56:28 +0800 |
commit | eab0d191269e71af67bf9bb67e5b25999801356f (patch) | |
tree | 7028b347817ac7ab5f2ce77a4aa37f00c4a5f1d8 /docs/fernet.rst | |
parent | c053129791404f5f03df2c2243878f08352fb88d (diff) | |
download | cryptography-eab0d191269e71af67bf9bb67e5b25999801356f.tar.gz cryptography-eab0d191269e71af67bf9bb67e5b25999801356f.tar.bz2 cryptography-eab0d191269e71af67bf9bb67e5b25999801356f.zip |
Attempt to explain MultiFernet better.
Diffstat (limited to 'docs/fernet.rst')
-rw-r--r-- | docs/fernet.rst | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/docs/fernet.rst b/docs/fernet.rst index f1a4c748..6ca20db9 100644 --- a/docs/fernet.rst +++ b/docs/fernet.rst @@ -92,8 +92,10 @@ has support for implementing key rotation via :class:`MultiFernet`. >>> f.decrypt(token) 'Secret message!' - Fernet performs all encryption options using the *first* key in the - ``list`` provided. Decryption supports using *any* of constituent keys. + MultiFernet performs all encryption options using the *first* key in the + ``list`` provided. MultiFernet attempts to decrypt tokens with each key in + turn . A :class:`cryptography.fernet.InvalidToken` exception is raised if + the correct key is not found in the ``list`` provided. Key rotation makes it easy to replace old keys. You can add your new key at the front of the list to start encrypting new messages, and remove old keys |