Summary of changes in gnome-keyring for 2.30

Here's a quick summary of what's happened in gnome-keyring during the
2.30 cycle, and hopefully what's to come in 2.32.

Some 2.30 highlights:

 * New DBus protocol called 'Secret Service' for communicating between
   libgnome-keyring and gnome-keyring-daemon. This protocol will also
   be implemented by KDE and possibly other clients.

 * libgnome-keyring is now packaged as its own module. The
   implementation has changed, but this should be a drop in
   replacement, ABI compatible with the old libgnome-keyring library.

 * New dependency: GTK+ 2.18

 * No more support for hokey ACL prompts, which had almost no security
   value at all. This was being patched out by almost all distros.

 * Using the same old keyring format, which means certain minor
   limitations on the 'Secret Service' API for the time being.

 * Application or libraries that were speaking gnome-keyring's old
   binary internal protocol, are no longer supported.

 * Incomplete: New ways of restricting access to the keyring: Idle
   time locking, timeout locking, unlock per application etc...

Some 2.32 goals:

 * A new keyring format, probably based on ASN.1. We'll continue
   to support the old format, and upgrade keyrings to the new
   format. It's unlikely there will be forward compatibility though
   (ie: old versions supporting the new format).

 * Common library GUI bits for viewing certificate files and other
   PK files.

 * A new library for accessing secrets, to replace libgnome-keyring,
   and support more of the 'Secret Service' API features.

 * libgnome-keyring will be deprecated.

If I've missed anything, give me a heads up. Discussion welcome at
gnome-keyring-list gnome org



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]