[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Passwords, stored in Gnome Keyring and KWallet

From: Ted Zlatanov
Subject: Re: Passwords, stored in Gnome Keyring and KWallet
Date: Tue, 23 Feb 2010 14:03:17 -0600
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1.91 (gnu/linux)

On Tue, 23 Feb 2010 14:38:50 +0100 Michael Albinus <address@hidden> wrote: 

>> The only things we have to agree is how to pick an entry
>> (auth-source-pick, but this is probably OK as is) and how to get the
>> data out (auth-source-user-or-password, anything like
>> netrc-machine-user-or-password will work).

MA> See the Commentary section. You can define lookup attributes, which are
MA> supposed to do exactly this. The examples I have used there match this
MA> case :-)

MA> I have not decided yet, whether to store it in Tramp's archive. If it is
MA> used as backend for auth-sources, it might be better to keep it close to
MA> this. I have added the current version to this message.

possible TODO list, then:

- secrets-debug should be structured like auth-source-debug to prevent
  leaking sensitive information.  Right now I don't see anything
  sensitive though.

- make part of Emacs (so both Tramp and Gnus can use it; since it
  requires a recent Emacs anyway).  I think it makes sense to keep it
  out of {gnus,tramp}/contrib/ or {gnus,tramp}/lisp/ because it depends
  on specific Emacs internals.  I don't know about XEmacs support but of
  course have no problem with it.

- possibly rename to secrets-service.el if you feel the urge or someone
  makes you do it :)

- change auth-source.el to take '(secrets "COLL") as a auth-sources spec
  naming collection COLL.  Then it will simply call

  (secrets-get-attribute "COLL" "hostname:port" :login)
  (secrets-get-attribute "COLL" "hostname:port" :password)

  to get the login and password spec.  Does that seem reasonable?  I
  think the host name + port should be the key for simplicity (rather
  than searching and listing collection items), but you should decide.

  The calls to secrets.el will be autoloaded so unless you use the
  'secrets spec in auth-sources, you won't load the library.

- write docs in on setting this up

I can do the last two in that order, but need your opinion on the item


reply via email to

[Prev in Thread] Current Thread [Next in Thread]