Trac is being migrated to new services! Issues can be found in our new YouTrack instance and WIKI pages can be found on our website.

Changes between Version 4 and Version 5 of KeyringSupport


Ignore:
Timestamp:
May 16, 2013, 5:40:25 PM (11 years ago)
Author:
tomkiewicz
Comment:

Update all info about keyring support.

Legend:

Unmodified
Added
Removed
Modified
  • KeyringSupport

    v4 v5  
    11Keyrings cryptographically secure your password in a way that would generally be more secure (although not perfect). It would require a master password, shared amongst all the applications on your computer, to get at your passwords.
    22
    3 Pidgin does not currently support storing passwords in keyrings; currently you must either store passwords unencrypted or not at all.
     3Pidgin 2.x.y does not support storing passwords in keyrings; currently you must either store passwords unencrypted or not at all (why? see PlainTextPasswords). However, 3.0.0 will support this feature.
    44
    55== Status ==
    66
    7 This is being actively worked on by Tomasz Wasilczyk in the soc.2008.masterpassword branch of  https://hg.pidgin.im/cpw/tomkiewicz/masterpassword  The code has not been merged into the main development tree yet.
     7This is being actively worked on by Tomasz Wasilczyk in the soc.2008.masterpassword branch of  hxxps://hg.pidgin.im/cpw/tomkiewicz/masterpassword. The code has not been merged into the main development tree yet, but it's ready for a review.
    88
    99This code initially came from a Google Summer of Code [wiki:GSoC2008/MasterPassword project] in 2008.
    1010
    11 The GSoC branch ({{{im.pidgin.soc.2008.masterpassword}}}) has implementations for Freedesktop and KWallet.
    12 
    13 == See also ==
    14 * wiki:PlainTextPasswords
    15 * The feature request is ticket #673
    16 * [https://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/75850 Launchpad bug]
     11== Related tickets ==
     12* #673
     13* [hxxps://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/75850 Launchpad bug #75850]
    1714
    1815== Specific keyrings ==
    1916
    20 === GNOME Keyring and KDE KSecretsService ===
    21 Status: implemented but not integrated
     17=== Internal keyring ===
     18Status: implemented
    2219
    23 These are the GNOME and KDE implementations of the [http://standards.freedesktop.org/secret-service/ Freedesktop Secret Service API], intended to provide a standard interface for Linux apps to store passwords and stuff.
     20It works in two modes: cleartext (passwords are stored unencrypted, as before) and using encryption with a master key. User needs to provide a master password once per every Pidgin startup. It uses AES-256 for encryption and PBKDF2-SHA256 for key derivation.
    2421
    25 Pidgin would need to connect to the DBus API to store and retrieve passwords. There are several libraries to do this, including [https://live.gnome.org/Libsecret libsecret] and [https://pypi.python.org/pypi/keyring python-keyring].
     22=== GNOME Keyring and KWallet ===
     23Status: implemented
    2624
    27 === KDE KWallet ===
    28 Status: implemented but not integrated
     25These are the GNOME and KDE specific keyrings, where user needs to provide a master password once (depending on configuration) per system startup.
    2926
    30 Currently uses its own API, but there has been discussion about replacing it with KSecretsService using the standard API.
     27=== Freedesktop Secret Service API ===
     28Status: partially implemented, not integrated
    3129
     30It's intended to provide a standard interface for Linux apps to store passwords and similar stuff.
     31
     32Pidgin connects to the [hxxp://standards.freedesktop.org/secret-service/ Secret Service] DBus API to store and retrieve passwords. There are several libraries to do this, including [hxxps://live.gnome.org/Libsecret libsecret] and [hxxps://pypi.python.org/pypi/keyring python-keyring].
     33
     34=== Windows credential manager ===
     35Status: implemented
     36
     37This keyring encrypts passwords using Windows user account data. Its security depends on system configuration - encryption does nothing, if user’s account isn’t even protected with password.
    3238
    3339=== KeePass ===
    34 http://keepass.info/
     40Status: not implemented
    3541
    3642Cross-platform, open-source password manager.
    3743
    38 Integrating with Pidgin would involve either [http://keepass.info/help/v2/plugins.html writing a KeePass plug-in], or using one of the existing plugins that facilitate communicating with other apps. See for example [http://keefox.org/ KeeFox] (KeePass–Firefox bridge), which includes the [http://keefox.org/2010/12/02/keepassrpc-plugin-technical-overview/ KeePassRPC plugin].
     44Integrating [hxxp://keepass.info/ KeePass] with Pidgin would involve either [hxxp://keepass.info/help/v2/plugins.html writing a KeePass plug-in], or using one of the existing plugins that facilitate communicating with other apps. See for example [hxxp://keefox.org/ KeeFox] (KeePass–Firefox bridge), which includes the [hxxp://keefox.org/2010/12/02/keepassrpc-plugin-technical-overview/ KeePassRPC plugin].
    3945
    4046=== Mac OS Keychain ===
    41 https://en.wikipedia.org/wiki/Keychain_%28Mac_OS%29
     47Status: not implemented
    4248
    43 [https://developer.apple.com/library/mac/documentation/Security/Conceptual/keychainServConcepts/01introduction/introduction.html Apple's developer documentation for Keychain]
     49This is [hxxps://en.wikipedia.org/wiki/Keychain_%28Mac_OS%29 Mac OS specific keyring]. Here is [hxxps://developer.apple.com/library/mac/documentation/Security/Conceptual/keychainServConcepts/01introduction/introduction.html Apple's developer documentation] for it.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!