Re: gnome-keyring and Secrets DBus API

[Stef Walter <stef-list memberwebs com>]

I hope you don't mind if I CC this to the gnome-keyring-list gnome org   

Ross Burton wrote:
> We're (Moblin) using gnome-keyring to store web service authentication
> tokens, and the lack of change notification for keyring items is a
> problem for us.  I see that the Secrets DBus API has change events for
> collections and items, so I'm considering switching early to the new
> gnome-keyring which implements this specification.  The question is
> this: how is the port to the Secrets API going?

It's going pretty well. I'm working steadily on it. There are several
components and here's a bit of a status report on them:

 * Secrets API Spec
   - Still somewhat in flux, several outstanding issues.
   - Discussion on authentication lists freedesktop org 

 * Secret storage component.
   - Implemented as a PKCS#11 module.
   - Compatible with current *.keyring files
   - 2/3's complete.
   - Missing:
     - Change notification
     - Saving of new and changed secrets.
     - Wrapping of secrets for transport.
     - Usage, testing, bugs.

 * DBus Service:
   - Just begun, proof of concept.

 * Client side library:
   - Not started.
   - Not even a name yet (gsecrets?)

 * libgnome-keyring compatibility library.
   - Not started.

All the code so far is committed on the 'dbus-api' branch of gnome-keyring:

http://git.gnome.org/cgit/gnome-keyring/log/?h=dbus-api

To put it in perspective, changes from gnome-keyring master:

   119 files changed, 11161 insertions(+), 1070 deletions(-)

Realistically, there's probably almost another 20,000 lines of code to
write or refactor, with close to half of that being tests.

Obviously there's still a long way to go. Optimistically, it could be
ready for GNOME 3.0, but there's certainly no guarantee. It'd be
wonderful if the 2.30 cycle was 3 months longer. :)

Cheers,

Stef