Re: gnome-keyring enhancement proposal



On Mon, 2004-04-12 at 20:26, Erik Grinaker wrote:
> Hi
> 
> I'm the developer of Revelation, a password manager for GNOME 2. Lately
> I've been getting alot of requests for integration with gnome-keyring,
> which is natural as the two systems basically aim for the same thing (a
> central store for account information). Revelation is available here:
> 
> http://oss.wired-networks.net/revelation/
> 
> Integrating Revelation with gnome-keyring can't really be done in a nice
> way, the best would probably be to have functionality for importing from
> / exporting to gnome-keyring. But I think that what most people would
> like is a mix of gnome-keyring and Revelation; a system where they could
> easily manage their passwords, and also have applications use these
> passwords automagically. To accomplish this, I feel that there needs to
> be a few enhancements in gnome-keyring.
> 
> These proposals have not been fully thought through, but could be a
> starting-point for further discussion (some of are inspired by comments
> on FootNotes). If gnome-keyring could be a complete replacement for
> Revelation, I would be very interested in working on it instead of
> Revelation.
> 
> 
> 1. Ability to store accounts in a tree-structure, so they are easier to
> organize. Revelation does this by letting you create "folders" which
> accounts can be put in. This is very useful when one has a large number
> of accounts.

gnome-keyring isn't really meant to be user-visible like that. Its all
about automatically remembering passwords as needed inside other
programs. Having just a tree with information in it doesn't match the
key-value query style database that gnome-keyring uses, and the typical
data in gnome-keyring is not structured in such a way as to work well in
password/information display like revelation.

> 2. Having various account types, with a set of fields for each (should
> be extensible through XML schemas or something, so users or other apps
> can add new account types).

Apps can store whatever type of passwords it wants in gnome-keyring. The
key-value pairs used for key-lookup have no special limits. If we want
specific types of secrets appart from passwords and general secrets the
API allows that by extending GnomeKeyringItemType.

> 3. Management of keys and certificates, for example ssh keys or
> gpg/pgp/smime stuff.

I'm also interested in this. I haven't thought much about it though.

> 4. Ability to run programs as other local users (starting a terminal as
> root, for example).

This isn't really related to gnome-keyring as such. Its just an
encrypted store for secrets that apps can integrate with as they see
fit.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc 
                   alexl redhat com    alla lysator liu se 
He's an old-fashioned day-dreaming cowboy on the hunt for the last specimen of 
a great and near-mythical creature. She's a vivacious belly-dancing nun from 
out of town. They fight crime! 




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]