On 04/16/2012 09:53 PM, Thomas Åkesson wrote: >> Yeah, I hear you about the OS X user point of view. At this point, I'm >> fairly convinced that for Windows and OS X, the use-master-password feature >> will be less frequently used. (It will be off by default on all OSes.) > > AFAIK, both Kwallet and Gnome Keyring require a graphical desktop and to > a large extent lack command line tools. Is that kind of the core problem > here?
That is certainly part of the problem. I was able to figure out how to get GNOME Keyring working in a non-GUI environment, and CollabNet provides some command-line tooling for that agent, too, but users would really prefer that stuff just work out of the box. > I would like to see a non-graphical implementation of the Secret Service > API with a solid CLI. That would merit a project in itself, separate from > Subversion (e.g. Apache Keywhatever). It seems like Dbus can be used > either with a daemon or more light-weight with just libdbus. Are there > any OS with pressing need for Subversion password storage that does not > have libdbus? I'm not aware of any -- I mean, I assume the *BSDs all have libdbus support. > Alternatively, if there is a determination to implement encrypted storage > within the Subversion project, how about basing that "module" on the > Secret Service API, with or without libdbus? > - All Subversion's requests for secrets done with the same API, > untangling the code. > - Internally stored secrets are just returned by the module > (non-graphical POSIX-systems and potentially Windows). > - Secrets stored in Gnome Keyring/Kwallet are requested using their > Secret Service implementation, which is simply relaying the API calls. > - Keychain is wrapped by the module. Not sure how difficult it is to map > Keychain and the Secret Service API, but it would be a bit surprising if > it turns out to be impossible. In theory, I'm okay with this. Where is Secret Service today in terms of implementation, real-world usage, etc? Are you volunteering to join the coding effort? -- C. Michael Pilato <cmpil...@collab.net> CollabNet <> www.collab.net <> Distributed Development On Demand
signature.asc
Description: OpenPGP digital signature
