Re: gnome-keyring Short introduction



Michael Leupold wrote:
> I'm pretty new to this list and I'd like to introduce myself.
> 
> I'm the current maintainer of the KDE Wallet system and I'd like to work 
> towards unifying password storage in GNOME and KDE. Stef might remember me - 
> we had a short mail-exchange a few months ago.

Yup. Hi!

> After having a closer look at what gnome-keyring provides I think that it 
> would provide a good platform to use for KDE as well and I just started 
> writing a Qt-only library to communicate with the daemon.

Very interesting.

> In the process of doing so I'd like to document keyring's wire-protocol (if 
> there already is a documentation, please tell me) with the ultimate goal of 
> allowing other desktop environments and browsers to benefit from a common 
> solution as well.

I'll say up front that the protocol isn't the most beautiful thing in
the world. It'd be somewhat scary to see it become a standard of sorts.
It's very similar to the SSH agent protocol, but that's not a great
accolade :)

I've been looking around for a standard to implement, sort of like how
gnome-keyring implemented PKCS#11 for certificates and keys. But I
haven't been able to find something similarly compelling for the storage
of secrets.

It'd be cool to somehow get a more standard DBus protocol going. But
there are a few issues:

 * Transferring secrets in non-pageable memory.
 * Validating credentials of the peer.

> I hope this is something you approve of.

Certainly.

> I've already been talking to KDE people to hear what they think and they are 
> quite open to a solution integrating keyring. This however is more of a mid- 
> to long-term goal as it might require changes to keyring as well. One of the 
> major requirements would be migrating from GConf to a solution KDE could tap 
> into as well - unfortunately THE free desktop config framework isn't quite 
> there yet :-)

gnome-keyring-daemon uses very few settings from gconf, and they're only
read on startup. I haven't been happy with the gconf use in any case, as
it causes strange initialization problems and stuff. When this project
progresses far enough, I'm sure we could work something out.

Cheers,

Stef


