Re: gnome-keyring has SSH, X.509 certificate and key support

["Luis Villa" <luis tieguy org>]

On Dec 1, 2007 2:59 PM, Stef Walter <stef-list memberwebs com> wrote:
> gnome-keyring 2.22 will include:
>
>  * A proper SSH agent integrated with the user's login keyring
>  * An X.509 key and certificate store than applications can
>    use and share, and integrated with the user's login.
>
> I wanted to announce this well in advance of the release so that anyone
> who wants to coordinate features, or give advice, suggestions can do so.

Comment 1: this is awesome. I'm very psyched to finally see proper ssh
support, and in general to see better identity/key management in
GNOME. This is hugely important- I think much more so than people seem
to realize.

Comment 2: will I still be required to re-auth post login with this
release? or will access to the default keyring now be automatic with
login? (You make reference to a 'login keyring', so I'm optimistic
this is what you mean, but I wanted to double-check.)

Comment 3: have you talked to the Novell guys working on the Bandit
Project aka DigitalMe? I just installed their linux build and firefox
plugin[1] and got a really great authentication experience with two
sites that use the CardSpace aka InfoCard standard.[2] It seems to
already interoperate with the keyring, which is great, but it seems
like it would be good if GNOME made sure to reach out to them and make
sure that we're providing what they need.

Comment 4: wicked awesome.

Luis (thinking about digital identity this morning in context of a
paper I'm writing)

[1] http://www.bandit-project.org/index.php/Digital_Me_Download
[2] A Microsoft-proposed standard, but one that (as far as I know) has
no competing open standard, and which (importantly) is covered by
Microsoft's Open Specifications Patent Promise, discussed here:
http://www.consortiuminfo.org/standardsblog/article.php?story=20060912140103877