[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-active
Subject: Re: Task Proposal: Centralized account management
From: "Lamarque V. Souza" <lamarque () kde ! org>
Date: 2012-01-24 13:00:14
Message-ID: 201201241100.14284.lamarque () kde ! org
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Em Friday 20 January 2012, Sebastian Kügler escreveu:
> > Em Friday 20 January 2012, Marco Martin escreveu:
> > > On Thursday 19 January 2012, todd rme wrote:
> > > > I assume the authentication would be stored in kwallet?
> > >
> > > for those that have username and password i guess so, yeah
> > >
> > > more complex stuff that require things like api keys eh, still don't
> > > know
> >
> > Shouldn't this take into account the encrypted activities
> >
> > implementation? If the username and password was first filled in an
> > encrypted activity it should not be available to every app on the system
> > without prior authorization. If you use kwallet without changes that is
> > exactly what is going to happen. Unless you use one wallet per encrypted
> > activity with different passwords for each of them.
>
> In which case unlocking a private activity should also unlock this private
> wallet. (This is to not have 3 password challenges upon switching
> activity, or logging in.)
I was thinking in using the activity's password as the individual wallet
password as well. In my oppinion there should be only a device password (to
lock the entire device) and individual private activity passwords. In all
other situation or "legacy" programs that requires password, like kwallet, we
should use the activity password to avoid asking for password too many times.
Everytime we change the activity password we should also change the password
of the wallet associated to that activitiy.
--
Lamarque V. Souza
KDE's Network Management maintainer
http://planetkde.org/pt-br
[Attachment #5 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" \
"http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" \
content="1" /><style type="text/css"> p, li { white-space: pre-wrap; }
</style></head><body style=" font-family:'Tahoma'; font-size:12pt; font-weight:400; \
font-style:normal;"> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Em Friday \
20 January 2012, Sebastian Kügler escreveu:</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> > Em Friday 20 January 2012, Marco Martin \
escreveu:</p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > \
> On Thursday 19 January 2012, todd rme wrote:</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> > > > I assume the authentication \
would be stored in kwallet?</p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">> > > </p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">> > > for those that have username and password i guess \
so, yeah</p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > \
> </p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > \
> more complex stuff that require things like api keys eh, still don't</p> <p \
style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > > know</p> <p \
style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > </p> <p style=" \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > Shouldn't this \
take into account the encrypted activities</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> > </p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> > implementation? If the username and \
password was first filled in an</p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">> > encrypted activity it should not be available to every \
app on the system</p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > \
without prior authorization. If you use kwallet without changes that is</p> <p \
style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > exactly what is \
going to happen. Unless you use one wallet per encrypted</p> <p style=" \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > activity with \
different passwords for each of them.</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> </p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">> In which case unlocking a private activity \
should also unlock this private</p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">> wallet. (This is to not have 3 password challenges upon \
switching</p> <p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> \
activity, or logging in.)</p> <p style="-qt-paragraph-type:empty; margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; "> </p> <p style=" margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"> I was thinking in using the activity's password as the individual \
wallet password as well. In my oppinion there should be only a device password (to \
lock the entire device) and individual private activity passwords. In all other \
situation or "legacy" programs that requires password, like kwallet, we \
should use the activity password to avoid asking for password too many times. \
Everytime we change the activity password we should also change the password of the \
wallet associated to that activitiy.</p> <p style="-qt-paragraph-type:empty; \
margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; "> </p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">-- </p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">Lamarque V. Souza</p> <p style=" margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;">KDE's Network Management maintainer</p> <p \
style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; \
-qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;">http://planetkde.org/pt-br</p></body></html>
_______________________________________________
Active mailing list
Active@kde.org
https://mail.kde.org/mailman/listinfo/active
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic