Re: gnome-keyring A couple of questions about Gnome Keyring
- From: Stef Walter <stef-list memberwebs com>
- To: Groth Johan <johan groth cell-telecom com>
- Cc: "gnome-keyring-list gnome org" <gnome-keyring-list gnome org>
- Subject: Re: gnome-keyring A couple of questions about Gnome Keyring
- Date: Wed, 02 Dec 2009 18:15:50 -0600
Groth Johan wrote:
> Hi all,
> The company I work for is considering to use Gnome Keyring to store
> certificates for VPN access but are a bit concerned that they can be
> moved from one computer to another. So I saw this on the web page:
>
> 'Non-exportable' certificates could be implemented by encrypting them
> with a random passwords, and storing that password within the normal
> gnome-keyring password file. This way they wouldn't be used onanother
> computer even if copied out of that directory.
>
> Has this been implemented and if it has in which version of Gnome Keyring?
No it has not been implemented. And it's of questionable value. It's
unclear whether this would be implemented, and if so how bulletproof it
would be.
My current thoughts are that perhaps non-exportable are actually the
domain of smart cards and the like, and hacking together a kludge to try
and support them in gnome-keyring isn't such a great idea.
Cheers,
Stef
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]