This would normally involve these steps:

1. Decrypt repository data with the old key
2. Re-encrypt decrypted repository data with new key
3. Replace old data (encrypted with the old key) with new data (encrypted with the new key)
4. Replace old key with new key

This feature is important in order to recover from a security compromise (if someone steals your repo keys).

Thinking of it now, step 2 is closely related to #82, so you could merge these issues, if that makes more sense.