Re: GNOME Online Accounts 3.34 won't have documents support

On Wed, 23 Jan 2019 at 14:21, Allan Day <aday gnome org> wrote:
[Responding selectively, this thread is getting long.]

Emmanuele Bassi <ebassi gmail com> wrote:
>> The main factor has always been about how we handle identity. If we
>> give online accounts access to 3rd party apps, we're giving them
>> access to the GNOME keys. They appear as "GNOME" to online providers
>> and their access is bundled up with our own. As a result, we lose the
>> ability to ensure that the GNOME keys are being used in accordance
>> with providers' terms and conditions.
> This is because we never specified a way to get third party keys stored inside GOA as part of a process to get third party modules to it.

If apps could provide their own keys that would certainly change the
picture (I didn't actually know it was a possibility.) It would also
change the nature of Online Accounts of course; it's always been
designed as part of the system, that's used by the system and the core
apps. Might take a little thought.

We had a key store for web services API keys in Moblin/MeeGo, as part of libsocialweb, mostly because we couldn't have OEMs ship with Intel OTC keys, and OEMs didn't want to make their key public either. :-)

Re-implementing that would not be hard, especially if we make it a prerequisite that new services must come with their own key. Additionally, it would let downstream vendors ship their own keys, if they are so inclined.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]