Chandler has the ability to remember passwords, and many high profile programs (e.g. Firefox) that have this ability can encrypt these passwords.
Doing encryption/decryption like this traditionally requires the user to set a master password. The master password is never stored on disk, it will be asked from the user on demand, and may be remembered in memory until program shutdown or timeout. I think we need to provide some level of encryption support in Preview timeframe. For example, I think our users should be able to submit their repositories to us for debugging purposes without us learning their passwords. Do we want to default to requiring a master password to encrypt and decrypt the other passwords? Or do we start unencrypted, offer a "encrypt" checkbox in the accounts dialog, and also when making a repository backup/dump? (I think I am slightly in favor of this.) Do we want to provide encrypting arbitrary items/attributes? (I wouldn't worry about this until after Preview.) Do we want to protect the passwords in memory? I must point out that this would be quite a bit of work, and it is not certain we could even cover all cases (passing password strings into libraries we may not have control over, for example). This would involve things like: clear out master password on timeout, never store the other passwords in clear text except for the moment when they are needed, zero out the actual bits in memory once done, prevent password memory from being swapped out, etc. (I wouldn't worry about passwords in memory myself.) Please note that Chandler already supports encrypting the entire repository. An alternative on some operating systems is to ask the OS to encrypt the disk/directory where the repository is. Another thing to note is that many OSes provide password safes of their own with naturally platform specific APIs. I am not suggesting we try to hook up with these in Preview timeframe. Reply-to set to design. -- Heikki Toivonen
signature.asc
Description: OpenPGP digital signature
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Open Source Applications Foundation "Design" mailing list http://lists.osafoundation.org/mailman/listinfo/design
