Hello, As per blueck demand on the IRC, please find below a plain text page suitable for addition to the KWallet handbook, about the KDE Secret Sync tool. Hope my english is not too bad. Do not hesitate to adjust it if it's not very intelligible/readable :-)
*************** Begin ************* KDE Secret Sync tool aims to help synchronize secrets, such as passwords and login-in account information, between several devices running KDE. It comes as a feature of the new KSecretsService infrastructure. For more information about this infrastructure, please check http://techbase.kde.org/Projects/Utils/ksecretsservice and also the project information page https://projects.kde.org/projects/kde/kdeutils/ksecrets. This tool is currently under development. KDE Secret Sync uses cryptograpy to securely exchange the secrets between the devices. As such, it can be used over unsecure connections, such as the internet. The operation is quite simple and it can follow one of the two scenarios: - synchronize using a centralized resource, - peer-to-peer synchronization. *Using a centralized resource* This operating mode requires full access to an IMAP server. The KDE Secret Sync tool creates an encrypted resource under the folder of your choice then it updates it each time a local secret collection changes, as notified by the KSecretsService infrastructure. This occurs each time an application updates it's secret information. KDE Secret Sync tool periodically checks this central resource for modifications and when updates are found, then they are pushed to the corresponding local collection. This case requires permanent connection to an IMAP server. The KDE Secret Sync tool will hold sync operations during network outages. The security level of this kind of operation depends of the security of the IMAP server and the encrypting algorithm used to created the centralized resource. On the other hand, storing the secrets on that centralized resources can also be viewed as a backup. *Peer-to-peer synchronization* This operation mode does not require access to a centralized IMAP server. A list of known computers is used instead. KDE Secret Sync will initiate secret exchange sessions with each of it's known computers over a SSH tunnel. The local secret changes are propagated to the other known computers as soon as they are detected. This case require a network connection between known devices. The KDE Secret Sync tool will hold sync operations with the devices that are not available due to network outages. A naming service should be used for devices that change IP address with each connection. *************** End ************* -- Valentin Rusu (IRC valir, KDE vrusu) KSecretsService (former KSecretService, KWallet replacement)