Re: Completed gnome-keyring-manager functionality in seahorse

From: Stef Walter <stef memberwebs com>
To: Adam Schreiber <sadam clemson edu>
Cc: seahorse-list gnome org
Subject: Re: Completed gnome-keyring-manager functionality in seahorse
Date: Sun, 9 Dec 2007 20:35:28 +0000 (UTC)

Adam Schreiber wrote:
> I think there's some that's still missing, ACL for saved secrets, and
> some that was never there, 

Completed this and checked it in.

> being able to save your own secret
> equivalent to "remembering a password", that I will be working on over
> winter break.

Sounds good.

> On the Passwords tab in the Preferences, "Keyring" should be two words
> everywhere. 

I changed this to 'Password Storage'. 'Keyring' is such an overloaded
term :(

> I also think "Change Unlock Password" should become
> "Change Master Password" because that's what the users have been
> introduced to in Mozilla products, what it was in the old UI and
> Unlock seems a bit too close to the API.  

Since there isn't one master password, I think using that terminology
would be confusing. Also gnome-keyring uses the 'unlock' terminology
throughout its UI extensively.

> On the Change Unlock dialog
> the first paragraph while accurate from a security standpoint, the
> user will never see the program "seahorse-preferences" when the
> previous window says "Encryption Preferences" so it will be confusing.

Hmmm, this means that somehow seahorse-preferences is not calling
gnome_program_init (with the readable name) properly. That's how
gnome-keyring gets the human readable name ie: g_get_application_name().

>  The user is also being asked to evaluate two different things: 1. Is
> this application allowed to request this? and 2. What should I change
> my password to?  

I think that perhaps we can just change the 'Deny' button to 'Cancel',
in any case this dialog is a part of gnome-keyring.

> Also, clicking deny on the current dialog shouldn't
> result in an error message back in seahorse. 

Good point.

> Changing the Master
> password on the default keyring will also break the auto-unlock pam
> functionality if it doesn't also change their user password.

The gnome-keyring dialog should probably have a message to that effect
if changing the user's 'login' keyring.

> I'm also still slightly confused about the multiple key rings bit.  I
> thought from your poll of d-d-l it didn't appear anyone was using more
> than the default key ring.  

People responded about how multiple keyrings are useful to them. So all
the additions to gnome-keyring have taken that into account. In
particular anyone since gnome-keyring's PAM functionaly who had a
previous keyring will have more than one keyring.

> Would Epiphany use an additional one if
> they ever switch to gnome-keyring as a secret store?  

Possible, but it's up to the epiphany application developers.

> Has the
> gnome-keyring-source been editted so that all of the key rings'
> secrets are displayed in the password tab?

It displays the passwords from the default keyring. You can see this
take effect as you change the default keyring.

Cheers,
Stef Walter

Follow-Ups:
- RE: Completed gnome-keyring-manager functionality in seahorse
  - From: Stef Walter

References:
- Completed gnome-keyring-manager functionality in seahorse
  - From: Stef Walter
- Re: Completed gnome-keyring-manager functionality in seahorse
  - From: Adam Schreiber

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]