ubuntu-phone team mailing list archive

[Alberto Mardegan <alberto.mardegan@xxxxxxxxxxxxx>]

On 03/19/2013 02:16 PM, Tony Espy wrote:
> Ah, the devil is in the details.  I wouldn't dismiss the benefits of a
> stable working code-base so quickly.
> 
> The semantics already exist in code, the secure store piece is known to
> be secure and works as advertised, and the PAM integration allows
> gnome-keyring to operate without much intervention by the user.  This
> wasn't always in the case in the past as others have pointed out.
> 
> That said, if we've done the analysis and determined that the UI code is
> too tightly bound to the core logic, then that's another story...

Oops, I'd better correct myself before I start spreading FUD. :-) I was
sure that the UI code was very tight to the service, but I don't know
where I got that from.
I checked again, and this cannot be farther from the truth. :-)
gnome-keyring-daemon doesn't even depend on Gtk+, so it looks like that
it can be reused.
I didn't investigate how the master password prompt is generated, but
hopefully it's easy to replicate (I'd better ask to the GNOME keyring
maintainers about it, to be sure).

> That said, it should be possible to implement this type of storage using
> oFono's SIM API ( isn't this what Meego used? ).

No, it was a different one (not open-source, AFAIK).

> That said, what does gnome-keyring use for it's store, and what
> alternatives besides SIM have you considered?

It uses encrypted files in ~/.gnome2/keyrings/.
I think anything which can generate a byte-array can be used as a
keyring password -- it depends on the level of security you are looking for.
What I'd like to have is a system where there can be multiple ways of
unlocking the secrets DB, so that you are not completely lost if for
some reason you cannot use a specific one at the moment.

[...]
> Finally, one last aside...  wouldn't full filesystem encryption remove
> the need for a secret storage service?  AFAIK, it hasn't yet been
> discussed in the context of Touch.

That's a good thing to discuss. However, full disk encryption might
impose some hardware requirements to get a decent speed, and in any case
one must decide how to store the key to the filesystem.

Ciao,
  Alberto