Re: Do you use multiple gnome-keyring keyrings?

[Bryan Clark <bclark redhat com>]

Alexander Larsson wrote:
> On Tue, 2007-04-10 at 16:10 +0200, Steve Fr�naux wrote:
>   
> > On Tue, 2007-04-10 at 15:44 +0200, Alexander Larsson wrote:
> >
> >     
> > > Not really, key lookups always happens in all keyrings. You would need
> > > to set the default keyring to something when saving the passwords, and
> > > then change the default to another keyring, but after that all apps
> > > should be able to read passwords from both keyrings.
> > >       
> > Then why not having a dropdown list on password save for the
> > keyring-daemon to know where to put the newly saved password ?
> >     
>
> Since nobody on this list seems to ever have used this feature that
> seems like giving it way more space in the UI (and risk of confusion)
> than needed...
I think the original design that we had planned to use the multiple 
keyrings for required a standard breakdown of what was a secure password 
and what wasn't.  Such that we would quickly and easily save passwords 
sent over plain text like http in the standard keyring but might keep 
https or more secure passwords in the more secure keyring that 
auto-locks after a certain time out.  I don't think it would be hard to 
code some defaults of what passwords are secure and which ones aren't, 
but I wouldn't make the focus of the password UI about choosing how it's 
stored.

With almost any interface situation related to user security I do 
believe that once you've asked the user to determine their own level of 
security you've lost.  That's not to say that there aren't a number of 
people that can decide their own security, but most people will just 
enter any of their passwords to any dialog that asks them to because you 
have to understand the complexity of the entire system to know what's 
safe and what isn't.

~ Bryan