Re: cleaning up keyrings
- From: Stef Walter <stef-list memberwebs com>
- To: Havoc Pennington <hp redhat com>
- Cc: desktop-devel-list gnome org
- Subject: Re: cleaning up keyrings
- Date: Tue, 28 Aug 2007 22:35:33 +0000 (UTC)
Havoc Pennington wrote:
> I forgot to mention taking the encrypted keyring blob and sticking it
> on a server somewhere, but (I think) that's an independent issue from
> getting everything to use the same keyring and same keyring entries.
Well there are obviously security issues to this.
Perhaps there should be a way of having a single certain keyring (with a
given name) stored online, and applications could choose whether or not
to store passwords in that keyring.
My reasoning is in part because, in the next cycle gnome-keyring is
getting support for encryption keys (SSH, X509). If those were stored
online, it would negate their value a good deal. If encryption keys were
downloadable using a password, then why use an encryption key for things
like SSH at all?
] [Thread Prev