ubuntu-phone team mailing list archive
-
ubuntu-phone team
-
Mailing list archive
-
Message #01180
Re: [Development] Solution for a password/secret storage
On 03/19/2013 11:54 AM, Bruno Girin wrote:
> OK so how does GNOME Keyring do it? My understanding is that with GNOME
> Keyring, the default keyring is the "login" keyring that is unlocked
> when users enter their login credentials, which is why you don't have to
> unlock it again during a session. Presumably it means that the "login"
> keyring is protected by the user's password?
Yes. In fact, it's possible to make the two passwords go out of sync,
and there you'll be prompted to enter your keyring master password as
the first application requests a password.
> Which also brings the question: with the freedesktop API, how do you
> change the password for a given collection? Do you have to re-encrypt
> all the data in that collection using the new password?
The API does not cover this:
http://standards.freedesktop.org/secret-service/ch10.html
In fact, most clients should not be interested in this; they should just
care about whether the secrets DB is locked or unlocked, that's all.
Ciao,
Alberto
Follow ups
References