The situation of KWallet, and what to do about it?

Mark Gaiser markg85 at gmail.com
Mon Jul 11 20:29:12 UTC 2016


On Mon, Jul 11, 2016 at 9:58 PM, Thomas Pfeiffer <thomas.pfeiffer at kde.org>
wrote:

> On 07.07.2016 19:50, Kevin Ottens wrote:
>
>> There's two sides to that problem in fact, use from applications and the
>> service provided by our workspace.
>>
>> I think that for applications the answer is neither KSecretService nor
>> KWallet, etc. For the goal of making it easier for our applications to be
>> shipped on more platforms, what we want in fact is to port them away from
>> anything platform specific to something like QtKeyChain:
>> https://inqlude.org/libraries/qtkeychain.html
>>
>
> This way, the actual storage becomes a workspace decision. That could keep
>> being KWallet if improved, or KSecretService, or a simple D-Bus service
>> wrapping libsecret... For sure it would at least simplify things on the
>> KWallet/KSecretService side, they wouldn't need to be frameworks anymore
>> (QtKeyChain or equivalent would play that role) just to expose a D-Bus API
>> (likely the Secret Service one in the end).
>>
>
> Oh, indeed, that would absolutely make sense! Deploying and using
> applications which use KWallet outside of Plasma must be a pain right now.
>
> So how do we make that happen? Deprecate the KWallet framework and
> recommend to use QtKeyChain instead, and then in parallel decide which
> bakcend to use for QtKeyChain in Plasma?


I don't get that. How is deprecating KWallet paves the way to make
something new with QtKeyChain? As far as i can tell, QtKeyChain isn't a
keychain at all, it's a wrapper around platform specific keychains that
provides a unified interface for keychain functionality. It itself doesn't
implement a keychain (or it does on windows?).

Or do you mean deprecating/removing the *graphical* KWallet part and
re-implementing that in top of QtKeyChain?

Using QtKeyChain would be interesting imho. Specially if that itself is
extended to use other web backends as keychain.

>
>
>
>>> https://www.freedesktop.org/wiki/Specifications/secret-storage-spec/secrets->
>>> api-0.1.html
>>>
>>
>> 0.1 being outdated, you probably want to link that one:
>> https://standards.freedesktop.org/secret-service/
>>
>
> Ah yes, indeed.
>
> Hope that somewhat made sense and helps.
>>
>
> It made sense to me at least :)
>
> _______________________________________________
> Plasma-devel mailing list
> Plasma-devel at kde.org
> https://mail.kde.org/mailman/listinfo/plasma-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/plasma-devel/attachments/20160711/3ac34198/attachment-0001.html>


More information about the Plasma-devel mailing list