Metadata about who the secret is encrypted for

Metadata about who the secret is encrypted for needs to be stored. Even if it's possible to pull a list of GPG keys out of the encrypted text, this isn't good enough. We need to be able to map it back to "groups" incase group memberships change and the secret needs to be re-encrypted.
