Nate Nielsen wrote:
> James Henstridge wrote:
>
>> I haven't looked at the seahorse code much, but if gnome-gpg and
>> seahorse are storing PGP passphrases in the keyring it would make sense
>> to use the same key names so that the user doesn't need to reenter their
>> passphrase for each app (they'd still need to authorise the app to
>> access the key though).
>>
>
> Good point. The seahorse gnome-keyring code [1] was committed [2] today,
> so I have no problems changing the field names this early on.
>
> A screenie: http://memberwebs.com/nielsen/shots/cache-preferences.png
>
> One thing to note is that seahorse can cache passphrases in different
> ways (ie: secure memory for the session, gnome-keyring) and one of the
> goals of seahorse is to cache keys/passwords of different types (ie:
> SSH, x509).
>
> It currently uses the following gnome-keyring fields.
>
> seahorse-key-type: gpg
> seahorse-keyid: 32 character keyid
>
Is there any particular reason you chose to use two attributes to
identify the key rather than a single attribute whose name indicates the
type? Is this to query all keys of a particular type?
> Any suggestions on common field names? If gnome-gpg already has a whole
> lot of users, then I don't mind using 'gnome-gpg-keyid' for OpenPGP keys.
>
I'm not sure how large a number of users gnome-gpg has. Also, I changed
the attributes in the most recent version of gnome-gpg when moving to
the --control-fd interface of GPG (mainly switching to 64-bit key IDs as
used by the control protocol). So currently gnome-gpg adds the
following attributes:
* gnome-gpg-keyid: 64-bit OpenPGP key ID (16 hex characters)
* gnome-gpg-userid: the primary UID for the key. Not actually used
by gnome-gpg for queries, but I had the information and it seemed
like it might be useful for other applications.
There are two ways we could go in order to get interoperability:
1. Pick a de facto standard gnome-keyring query used to lookup the
passphrase and make both seahorse and gnome-gpg use that.
2. Make gnome-gpg set seahorse-key-type and seahorse-keyid
attributes, and seahorse set the gnome-gpg-keyid attribute, so the
passphrase will be found by the other application.
If (1) is chosen we might still want to do (2) to provide compatibility
during a transition period, but that may be overkill.
James.
_______________________________________________
desktop-devel-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/desktop-devel-list
