Re: Do you use multiple gnome-keyring keyrings?



Jon Nettleton wrote:
>> But I have a few suggestions to help simplify things slightly...
>>
>>  A. Let's not expose the 'Login' keyring as a normal keyring. I don't
>>     think other applications should be allowed to mess with it. We
>>     might consider it a  implementation detail internal to
>>     gnome-keyring-daemon. For simplicity we might call it something
>>     like 'master passwords' in the code.
> 
> The contents should have the ability to be displayed by whatever
> management program is being used.  I want this only so a password that
> hasn't been changed or entered in years isn't gone forever and the
> contents of the keyring locked unrecoverable.  

Good point. I guess having a 'login' keyring makes sense then.

> Other than that I completely agree.  Basically we would just check if
> the on_login property of a keyring was set and internally have the gkd
> add or remove it from the Login, or 'master passwords' keyring.  

Setting an on_login property limits this to gnome-keyring keyrings, the
kind which currently store secrets. I'd like to make it so that the new
cryptoki x509 key stores can avail themselves of this mechanism as well.

But we can work out the exact logic at a later date...

> Thanks I am glad you like my ideas.  Now I just need to get my butt in
> gear and finish up all the half done code I have been sitting on.

Well I'll help make this happen. Moving forward with other functionality
depends on it.

Cheers,
Nate Nielsen




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]