From: Michael Albinus
Newsgroups: gmane.emacs.devel
Subject: Re: Modifying Emacs to use the Mac OS X Keychain Services
Date: Mon, 06 Jun 2011 22:26:11 +0200
Message-ID: <8739jmso4c.fsf@gmx.de>
To: Ben Key
Cc: tzz@lifelogs.com, Emacs Development
In-Reply-To: (Ben Key's message of "Sun, 5 Jun 2011 13:54:20 -0500")

Ben Key writes:

> Hello,

Hi Ben,

> I am still working on this task. I need some more advice though.

Ted did answer already from the auth-source.el pov. Here are some more
details from secrets.el.

> But, after taking another look at auth-source.el, I am wondering if
> this was the correct design decision. I am wondering if I should
> instead be interpreting the collection parameter as an indication of
> which keychain file to store the passwords in. I could interpret the
> value "default" for the collection parameter as an indication that the
> default keychain should be used. I could interpret the value "Login"
> or "secrets:Login" as an indication that the Login keychain should be
> used. Other values for collection parameter could be interpreted as
> an indication that the data should be stored in a file
> {collection}.keychain in ~/Library/Keychains.
>
> Which interpretation of the collection parameter is the correct one?
> I ask because I want to be sure to get this right.

A collection in the Secrets Service API is just a bundle of passwords
(more precisely: secret items). It does not tell you how they are stored.
And there are even collections which are not stored permanently.

With the GNOME Keyring (the implementation of the Secrets Service API I
prefer), there is usually just the collection "login". This is the only
physical collection, if you do not create other ones, and this
collection is stored in the file "~/.gnome2/keyrings/login.keyring".

However, the existence of this collection is not guaranteed by the
API. The only promise of the API is a collection called "default", which
is not a physical collection but an alias. No wonder, initially this
alias points to the "login" collection. You could change this link.

Another collection offered by the Secrets Service API is called
"session". This collection is not a persistent one; it has no physical
representation on your disk, and its lifetime is equal to the Secret
Service session (per default, the running desktop session). This
collection is good for people who want a kind of password cache for
reuse, but who do not want it stored permanently.

Best regards, Michael.
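
The collection behaviour described in the message above, as an added example that is not part of the original message or of secrets.el itself. It assumes an Emacs built with D-Bus support and a running Secret Service daemon such as GNOME Keyring; the function name, item label, attributes and password are hypothetical values constructed for the illustration.

```elisp
;; Added example; requires a reachable Secret Service daemon over D-Bus.
(require 'secrets)

(defun my/secrets-collection-demo ()
  "Show how the \"default\" alias and the \"session\" collection behave.
The function name, item label and attributes are made up for this example."
  (unless secrets-enabled
    (error "No Secret Service daemon reachable over D-Bus"))
  ;; Collections are named bundles of secret items; the names say
  ;; nothing about where or whether the items are stored on disk.
  (message "Collections: %S" (secrets-list-collections))
  ;; "default" is an alias, not a physical collection.  Ask which
  ;; collection it currently points to (initially "login" on GNOME Keyring).
  (message "default -> %S" (secrets-get-alias "default"))
  ;; "session" is not persistent: items in it live only as long as the
  ;; Secret Service session, which makes it usable as a password cache.
  (let ((label "example.org demo login"))          ; constructed sample item
    (secrets-create-item "session" label "not-a-real-password"
                         :host "example.org" :user "demo")
    (unwind-protect
        (progn
          ;; Look the item up by attribute rather than by label.
          (message "Found by :host: %S"
                   (secrets-search-items "session" :host "example.org"))
          ;; Report only whether the secret is readable; never log it.
          (message "Secret readable: %s"
                   (if (secrets-get-secret "session" label) "yes" "no")))
      ;; Remove the demo item instead of waiting for the session to end.
      (secrets-delete-item "session" label))))
```

Evaluate the block and run `M-x eval-expression RET (my/secrets-collection-demo) RET`; the results appear in the `*Messages*` buffer.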