> Thanks for the suggestions, but this is kind of the opposite of where I
> see Revelation heading. Your UI is very geared towards easy access to
> multiple files, while Revelation will be using a single default file
> from 0.5.0 and remove any file-handling options (like new/open/save
> file). It will still be possible to open a different database, but the
> UI will definately be designed for using a single file instead of
> multiple files.

So how are you going to handle the case of different customers?

At work, I have very sensitive accounts for customer B, but I'm mostly
working with customer A, using the password database intensively to go
from system to system. With one common file and UI, you have access to
the passwords of customer B when you are just using the customer A
stuff, and in some cases this might be a real issue, if customer B
passwords may be available ONLY when really used, so this use case
requires subtree locking.

In general, I don't like the idea that you basically push people to open
their password file for all data they have when what you just needed was
some obscure, nonsensitive website password. (It's you pushing, if you
by design decisions make it harder to group things to different files
with completely different access permissions.)

Or think about the case, when there is a common password list for
hundreds of different root and router accounts in the machine rooms.
This is almost never used, but must be up to date for disaster recovery
console access. In single file model, this would be a subtree of the
password file, and periodic password changes to this data are much
harder to distribute. This would require subtree export and import,
which makes it pretty much same thing as having separate files anyway.

Obviously, adding 'subtree' locking, import and export basically just
means having a separate file :)

Right now I am running multiple revelation prosesses with multiple files
to handle this - your new user interface does not help to any of above
problems, and I guess I'll continue just using multiple files.

You could think of my sidebar idea as a shortcut list to multiple files,
and whole sidebar could simply be disabled by default if user has only
one file anyway - I don't see how it would be conflicting with your
plans for 0.5.x single file user interface philosophy - of course if you
bring the single file user interface too deep, well the code doesn't
just handle multiple files simultaneously :) Anyway, if this is not the
case, you could just move the removed buttons to the sidebar as well.

> But thanks for the feedback, and don't hesitate to let me know if you
> have other suggestions.

- add option to show in 'file is locked, please enter password' name of
  the file - guess how many times I've been thinking 'ok this is on desk
  2 and that much from right edge, it must be password list for x' :)

- more complex issue is that I would like to see the file operations
  being made with either gpg or pkcs11 stuff, basically just 'use pgp
  keys X,Y,Z to encrypt the file' is my point. I want this to
  - share things with coworkers using pgp and revelation
  - be able to use my OpenPGP smartcard key to encrypt these files

Thanks for great software, whatever you decide to do :)


Reply via email to