It would be great to be able to use externally produced RSA public keys to encrypt backups and to decrypt using RSA private keys.

Ideally this method should support external key provider so that users could store their backup keys using safer mechanisms such as smartcards (rather than passphrases only).