From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.devel
Subject: Re: Modifying Emacs to use the Mac OS X Keychain Services
Date: Mon, 30 May 2011 07:27:12 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @ Cienfuegos
Message-ID: <87y61otlun.fsf@lifelogs.com>
References: <BANLkTikdsQspiLep1UPaJ73QhSLgiKHU1A@mail.gmail.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1306758455 20293 80.91.229.12 (30 May 2011 12:27:35 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Mon, 30 May 2011 12:27:35 +0000 (UTC)
To: emacs-devel@gnu.org
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Mon May 30 14:27:31 2011
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([140.186.70.17])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1QR1ZD-0007aQ-Mm
	for ged-emacs-devel@m.gmane.org; Mon, 30 May 2011 14:27:31 +0200
Original-Received: from localhost ([::1]:55800 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1QR1ZD-0002mO-9a
	for ged-emacs-devel@m.gmane.org; Mon, 30 May 2011 08:27:31 -0400
Original-Received: from eggs.gnu.org ([140.186.70.92]:36970)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QR1ZA-0002mJ-Dk
	for emacs-devel@gnu.org; Mon, 30 May 2011 08:27:29 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QR1Z6-0007Wn-Jl
	for emacs-devel@gnu.org; Mon, 30 May 2011 08:27:28 -0400
Original-Received: from lo.gmane.org ([80.91.229.12]:41670)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QR1Z6-0007Wg-7R
	for emacs-devel@gnu.org; Mon, 30 May 2011 08:27:24 -0400
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ged-emacs-devel@m.gmane.org>) id 1QR1Z4-0007Wy-QT
	for emacs-devel@gnu.org; Mon, 30 May 2011 14:27:22 +0200
Original-Received: from c-67-186-102-106.hsd1.il.comcast.net ([67.186.102.106])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Mon, 30 May 2011 14:27:22 +0200
Original-Received: from tzz by c-67-186-102-106.hsd1.il.comcast.net with local (Gmexim
	0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <emacs-devel@gnu.org>; Mon, 30 May 2011 14:27:22 +0200
X-Injected-Via-Gmane: http://gmane.org/
Original-Lines: 36
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: c-67-186-102-106.hsd1.il.comcast.net
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;
	d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT=
	D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
User-Agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:/HhOFfX7ldLH5zAlTQw0QbUZ29s=
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3)
X-Received-From: 80.91.229.12
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: </archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:139891
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/139891>

On Sun, 29 May 2011 20:08:26 -0500 Ben Key <bkey76@gmail.com> wrote: 

BK> The Keychain Services allows you to store items in the Default Keychain, the
BK> Login Keychain (which may be the Default Keychain), or in a separate
BK> Keychain file.  Should I use the Default Keychain or use an Emacs specific
BK> Keychain file?  The benefit of using the Default Keychain is that the user
BK> should never be prompted to provide a password for the Keychain.  However,
BK> keeping the passwords in a separate, Emacs specific, Keychain file would
BK> have the benefit of keeping the passwords used by Emacs separate from other
BK> passwords.

secrets.el understands session aliases, and the "default" collection is
typically an alias (I've seen it set to the "session" or "login"
keychains).  "session" is usually temporary for the login session.  Does
the Mac OS API not allow that?

In any case, I would not make a separate keychain for Emacs, only make
it possible to do so.  Your implementation should integrate in the
native OS as much as possible, so use the Default keychain by default
and give a function to change that.

auth-source specifies secrets.el session aliases like so in the
defcustom:

#+begin_src lisp
(choice :tag "Collection to use"
        (string :tag "Collection name")
        (const :tag "Default" 'default)
        (const :tag "Login" "Login")
        (const
         :tag "Temporary" "session"))
#+end_src

I hope that's helpful.

Ted