ubuntu-phone team mailing list archive

Thread
Date

Re: [Development] Solution for a password/secret storage

To: ubuntu-phone@xxxxxxxxxxxxxxxxxxx
From: Alberto Mardegan <alberto.mardegan@xxxxxxxxxxxxx>
Date: Tue, 19 Mar 2013 12:01:57 +0200
In-reply-to: <514835B8.10801@gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2

On 03/19/2013 11:54 AM, Bruno Girin wrote:
> OK so how does GNOME Keyring do it? My understanding is that with GNOME
> Keyring, the default keyring is the "login" keyring that is unlocked
> when users enter their login credentials, which is why you don't have to
> unlock it again during a session. Presumably it means that the "login"
> keyring is protected by the user's password?

Yes. In fact, it's possible to make the two passwords go out of sync,
and there you'll be prompted to enter your keyring master password as
the first application requests a password.

> Which also brings the question: with the freedesktop API, how do you
> change the password for a given collection? Do you have to re-encrypt
> all the data in that collection using the new password?

The API does not cover this:
http://standards.freedesktop.org/secret-service/ch10.html

In fact, most clients should not be interested in this; they should just
care about whether the secrets DB is locked or unlocked, that's all.

Ciao,
  Alberto

Follow ups

Re: [Development] Solution for a password/secret storage
From: Bruno Girin, 2013-03-19

References

[Development] Solution for a password/secret storage
From: Alberto Mardegan, 2013-03-18
Re: [Development] Solution for a password/secret storage
From: Bruno Girin, 2013-03-18
Re: [Development] Solution for a password/secret storage
From: Alberto Mardegan, 2013-03-19
Re: [Development] Solution for a password/secret storage
From: Bruno Girin, 2013-03-19