Re: gnome-keyring ACL Support
- From: Stef Walter <stefw collabora co uk>
- To: Anders Rundgren <anders rundgren telia com>
- Cc: gnome-keyring-list gnome org
- Subject: Re: gnome-keyring ACL Support
- Date: Tue, 07 Dec 2010 18:48:54 -0600
On 2010-12-05 00:50, Anders Rundgren wrote:
> Stef Walter wrote:
>> I haven't given server side secure storage that much thought, but have
>> you taken a look at the secret service spec?
>
> Yes, I have skimmed it at least. I believe (could be wrong) it has a
> different
> goal than the ACL scheme I propose since my wish is to get away from
> passwords
> altogether for server-applications using keys.
Aha. Now I understand better what its about.
To be honest, I don't think gnome-keyring's as a whole is very
interesting on the server side, it's very targeted at the user's
desktop. But parts of the architecture may play a role in such a project.
> I expect this to eventually be a feature in most mobile operating
> systems, otherwise you must use rather discriminating security
> models for apps, alternatively letting each app have their open
> private key-store. The latter would make provisioning and management
> a nightmare or require that every app has such stuff built-in.
Have you looked at libaccounts and the sso daemon used in meego [1]?
It's an interesting security architecture for mobile apps.
BTW, I'm not referring you to these things in order to replace or
diminish your work, but just to point you to places where collaboration
or discussion may be possible :)
> See it as a discussion :-) If nobody is interested I will not
> push it, but maybe try to add it to Android.
I'm sure lots of places are interested. But gnome-keyring is just a
small part of the larger crypto and authentication community. In any
case I'd love to be part of the discussion. I'm especially interested in
the key provisioning aspects of your work.
Maybe I mentioned it before but a great place to have discussion about
this would be at FOSDEM [2]. I know lots of people from all sorts of
projects relevant to your effort will be there. It would be very
worthwhile and valuable to have you there as well!
Cheers,
Stef
[1] http://gitorious.org/accounts-sso/pages/Home
[2] http://www.opensc-project.org/opensc/wiki/FOSDEM2011
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
