On 04/15/2012 03:45 PM, Thomas Ã…kesson wrote:
>> You are correct. Today we have DSO options for GNOME/KDE, and simple
>> #if-wrapping for Win32 and MacOS. GPG Agent doesn't have the
>> lib/heavy deps, as the code communicates with the agent not through a
>> custom API, but directly via socket I/O.
>>
>> Not sure what you're envisioning when you say "a new callback".
>
> Just want to make sure you are aware of the initiative "Secret Service
> API" unifying Gnome and KDE. The spec is still a draft but it seems that
> both implement it.
>
> http://standards.freedesktop.org/secret-service/
I was not aware of the initiative, but am happy to learn of it. The sheer
amount of software replicated between the KDE/Gnome divide is just embarrassing.
> How would the hypothetical existence of such a secret storage on Windows
> impact this Subversion initiative?
If there was a single,
common-and-commonly-available-across-all-supported-OSes way to do this
stuff, that'd be fantastic. But Windows isn't the problem area today, so
I'm not sure that adding yet another way to do secrets on Windows would
matter much.
The Secret Service thing would allow us to continue offloading
responsibility for encryption to third-parties as we do today, though at the
continued cost of a hybrid storage model (where half of the details we need
to know to authenticate are cached in ~/.subversion, the other half live
elsewhere). As such it doesn't allow us to easily pick up and relocate an
encrypted store to another machine -- but I don't know how interesting that
feature is to anyone.
--
C. Michael Pilato <cmpilato_at_collab.net>
CollabNet <> www.collab.net <> Distributed Development On Demand
Received on 2012-04-16 16:44:08 CEST