Re: gnome-keyring branched



James Henstridge wrote:
> Nate Nielsen wrote:
>>It currently uses the following gnome-keyring fields.
>>
>>seahorse-key-type: gpg
>>seahorse-keyid:    32 character keyid
>>
>
> Is there any particular reason you chose to use two attributes to
> identify the key rather than a single attribute whose name indicates the
> type?  Is this to query all keys of a particular type?

Yes, so the passphrases for those keys can be cleared in one shot. This
isn't implemented yet, and needs a bit more thought.

>>Any suggestions on common field names? If gnome-gpg already has a whole
>>lot of users, then I don't mind using 'gnome-gpg-keyid' for OpenPGP keys.
>>
>
> I'm not sure how large a number of users gnome-gpg has.  Also, I changed
> the attributes in the most recent version of gnome-gpg when moving to
> the --control-fd interface of GPG (mainly switching to 64-bit key IDs as
> used by the control protocol).  So currently gnome-gpg adds the
> following attributes:
>
>     * gnome-gpg-keyid: 64-bit OpenPGP key ID (16 hex characters)
>     * gnome-gpg-userid: the primary UID for the key.  Not actually used
>       by gnome-gpg for queries, but I had the information and it seemed
>       like it might be useful for other applications.

In Seahorse's case this is retrieved from the keyring. But I think
additional attributes are fine, as long as we have the same key id
attribute.

> There are two ways we could go in order to get interoperability:
>
>    1. Pick a de facto standard gnome-keyring query used to look up the
>       passphrase and make both seahorse and gnome-gpg use that.

I like this.

>    2. Make gnome-gpg set seahorse-key-type and seahorse-keyid
>       attributes, and seahorse set the gnome-gpg-keyid attribute, so the
>       passphrase will be found by the other application.

No need for compatibility on Seahorse side. The gnome-keyring feature is
only in CVS.

Let's keep it simple and do this:

  openpgp-keyid: 16 char hex (upper-case) key id

The 64-bit key ids seem to be more widely available from APIs (like
GPGME) and other sources. Note that this is the last 16 characters of a
32 character hex key id.

Seahorse will continue to set 'seahorse-key-type' but that's an extra.
No need to worry about it.

> If (1) is chosen we might still want to do (2) to provide compatibility
> during a transition period, but that may be overkill.

Agreed.

Cheers,
Nate
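
An added example, not part of the original message and not code from Seahorse or gnome-gpg: it shows why both applications must write one canonical `openpgp-keyid` value, since a stored passphrase is only found when the attribute strings are identical. `ToyKeyring`, the helper names and the sample key id are constructed for illustration, and the exact-match lookup is an assumption standing in for a gnome-keyring attribute query.

```python
import re

ATTR = "openpgp-keyid"  # attribute name proposed in the message above

def openpgp_keyid(value):
    """Canonical attribute value: 16 upper-case hex chars.

    Accepts a 16-char key id or a 32-char one (last 16 chars are kept),
    with an optional 0x prefix and whitespace.
    """
    s = "".join(value.split())
    if s[:2].lower() == "0x":
        s = s[2:]
    if len(s) not in (16, 32) or not re.fullmatch(r"[0-9A-Fa-f]+", s):
        raise ValueError("expected a 16 or 32 character hex key id")
    return s[-16:].upper()

class ToyKeyring:
    """Hypothetical in-memory store; a query matches only on exact attribute strings."""
    def __init__(self):
        self._items = []

    @staticmethod
    def _matches(attrs, query):
        return all(attrs.get(k) == v for k, v in query.items())

    def store(self, attrs, secret):
        self._items.append((dict(attrs), secret))

    def find(self, query):
        return [s for a, s in self._items if self._matches(a, query)]

    def clear(self, query):
        kept = [(a, s) for a, s in self._items if not self._matches(a, query)]
        removed = len(self._items) - len(kept)
        self._items = kept
        return removed

def seahorse_store(kr, keyid, passphrase):
    # Seahorse keeps its extra type attribute so all gpg entries can be cleared together.
    kr.store({ATTR: openpgp_keyid(keyid), "seahorse-key-type": "gpg"}, passphrase)

def gnome_gpg_lookup(kr, keyid):
    return kr.find({ATTR: openpgp_keyid(keyid)})

SAMPLE_KEYID_32 = "00112233445566778899aabbccddeeff"  # constructed, not a real key

if __name__ == "__main__":
    kr = ToyKeyring()
    seahorse_store(kr, SAMPLE_KEYID_32, "constructed-passphrase")
    print(gnome_gpg_lookup(kr, "0x8899aabbccddeeff"))  # found via canonical form
    print(kr.find({ATTR: "8899aabbccddeeff"}))         # raw lower-case value misses
    print(kr.clear({"seahorse-key-type": "gpg"}))      # clear all gpg entries at once
```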



