Re: cleaning up keyrings

From: Stef Walter <stef-list memberwebs com>
To: Havoc Pennington <hp redhat com>
Cc: desktop-devel-list gnome org
Subject: Re: cleaning up keyrings
Date: Tue, 28 Aug 2007 22:35:33 +0000 (UTC)

Havoc Pennington wrote:
> I forgot to mention taking the encrypted keyring blob and sticking it
> on a server somewhere, but (I think) that's an independent issue from
> getting everything to use the same keyring and same keyring entries.

Well there are obviously security issues to this.

Perhaps there should be a way of having a single certain keyring (with a
given name) stored online, and applications could choose whether or not
to store passwords in that keyring.

My reasoning is in part because, in the next cycle gnome-keyring is
getting support for encryption keys (SSH, X509). If those were stored
online, it would negate their value a good deal. If encryption keys were
downloadable using a password, then why use an encryption key for things
like SSH at all?

Cheers,
Stef Walter

Follow-Ups:
- Re: cleaning up keyrings
  - From: Havoc Pennington

References:
- cleaning up keyrings
  - From: Havoc Pennington
- Re: cleaning up keyrings
  - From: Havoc Pennington

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]