KDE Utils/ksecretsservice: Difference between revisions

From KDE Community Wiki
(Created page with "{{Template:I18n/Language Navigation Bar|KDE_Utils/kwallet}} == Structure == ksecretsservice is a secrets management infrastructure aiming to replace [[KDE_Utils/kwalle...")
 
(https://invent.kde.org/utilities/ksecrets was archived in 2020.)
 
(10 intermediate revisions by 7 users not shown)
Line 1: Line 1:
{{Template:I18n/Language Navigation Bar|KDE_Utils/kwallet}}
{{Note|https://invent.kde.org/utilities/ksecrets was archived in 2020.}}
== Structure ==


ksecretsservice is a secrets management infrastructure aiming to replace [[KDE_Utils/kwallet]].
[[File:KSecretsService_logo.png|frameless|right|KSecretsService logo]]
'''KSecretsService''' is a secrets (e.g. passwords and other authentication credentials) management infrastructure aiming to replace [[KDE_Utils/kwallet|KWallet]].


All the source code for this infrastructure can be found on [https://invent.kde.org/utilities/ksecrets KDE Invent].


== Project Structure ==
{| class="wikitable"
{| class="wikitable"
|-
|+ style="caption-side: top; vertical-align: bottom; text-align: center; font-size: larger; background: #bdc3c7; color: #31363b;" | KSecretsService
! part
|-
! purpose
! scope="col" style="min-width: 14em;" | Module
! important notes
! scope="col" style="min-width: 32em;" | Description
|-
|-
| ksecretsserviced
| style="text-align: center;" | ksecretsserviced
| store the secrets in a secure manner
| style="padding: 0.2em 2em;" | store the secrets in a secure manner
|
|-
| style="text-align: center;" | ksecretsservice
| style="padding: 0.2em 2em;" | Public API to be used by KDE applications
|-
| style="text-align: center;" | secretsync
| style="padding: 0.2em 2em;" | Tool used to synchronize secrets between several devices
|-
| style="text-align: center;" | kio
| style="padding: 0.2em 2em;" | Let users browse secrets using the ksecrets:// protocol
|-
| style="text-align: center;" | kwl2kss
| style="padding: 0.2em 2em;" | KWallet to KSecretsService conversion tool
|}
|}


=== Roadmap ===
=== Roadmap ===
 
{| class="wikitable" style="text-align: center;"
* Daemon (ksecretsserviced)
! style="min-width: 24em;" | Task !! style="min-width: 12em;" | Status
** ksecrets specific file format storage [DONE]
|-
** testing and bugfixing [IN PROGRESS]
| colspan="2" style="background: #2980b9; color: #fff; font-size: 110%; font-weight: 800;" | Daemon (ksecretsserviced)
* KDE API (ksecretsservice)
|-
** support secret creation and retrieving [DONE]
| ksecrets specific file format storage
** implement signals [TO BE DONE]
| <span class="nowrap" style="display: inline;">[[File:Current_event_clock.svg|18px|link=|alt=Clock face]] '''Done'''</span>
* Secrets Sync Tool (ksecretssync)
|-
** Implement syncing protocol [TO BE DONE]
| testing and bugfixing
** Add IMAP support [TO BE DONE]
| <span class="nowrap" style="display: inline;">[[File:Current event clock.svg|18px|link=|alt=Clock face]] '''In progress'''</span>
** Add SFTP support [TO BE DONE]
|-
* ksecrets tool
| colspan="2" style="background: #2980b9; color: #fff; font-size: 110%; font-weight: 800;" | KDE API (ksecretsservice)
** Specify commands to be added [TO BE DONE]
|-
** Implement these commands [TO BE DONE]
| support secret creation and retrieving
* kio (used to display secrets in e.g. Dolphin)
| <span class="nowrap" style="display: inline;">[[File:Yes check.svg|18px|link=|alt=]] '''Done'''</span>
** Finish it [TO BE DONE]
|-
* KWallet conversion tool (kwl2kss)
| implement signals
** More testing [TO BE DONE]
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
 
|-
| colspan="2" style="background: #2980b9; color: #fff; font-size: 110%; font-weight: 800;" | Secrets Sync Tool (ksecretssync)
|-
| Implement syncing protocol
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|-
| Add IMAP support
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|-
| Add SFTP support
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|-
| colspan="2" style="background: #2980b9; color: #fff; font-size: 110%; font-weight: 800;" | ksecrets tool
|-
| Specify commands to be added
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|-
| Implement these commands
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|-
| colspan="2" style="background: #2980b9; color: #fff; font-size: 110%; font-weight: 800;" | kio (used to display secrets in e.g. Dolphin)
|-
| Finish it
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|-
| colspan="2" style="background: #2980b9; color: #fff; font-size: 110%; font-weight: 800;" | KWallet conversion tool (kwl2kss)
|-
| More testing
| <span class="nowrap" style="display: inline;">[[File:To do checklist.svg|18px|link=|alt=Checklist document]] '''To Do'''</span>
|}


=== Notes ===
=== Notes ===
 
Originally this project was started as a means of compliance with an XDG Draft Specification for a 'Secret Storage API' that one can find [https://specifications.freedesktop.org/secret-service/latest/ here (version 0.2, released 2011)]. It calls for a D-Bus daemon providing a means for applications to securely store and retrieve secrets information. Under KDE, this is considered an implementation detail and KDE applications are supposed to use the client API described above. This is of greatest relevance for those users mixing elements of both the KDE and GNOME desktop environments, as the XDG (Cross Desktop Group) specification is also implemented by [https://wiki.gnome.org/Projects/GnomeKeyring GNOME Keyring]. Prevailing wisdom currently holds that those users should make a choice about the actual daemon they want to make use of and then stick with it, as no migration tool exists (yet) from KSecretsService to GNOME Keyring or vice versa.
Originally, this project was started as a freedesktop.org specification, that one could find here [[http://specs.freedesktop.org/secret-service/]]. This specification is for a DBus daemon providing a means for applications to securely store and retrieve secrets information. Under KDE, this is considered an implementation detail and KDE applications are supposed to use the client API described above. However, this implementation detail is important to be known for those users mixing KDE and GNOME, as the freedesktop.org specification is alos implemented by gnome-keyring. These user should make a choice about the actual daemon they want to activate and then stick with it, as no migration tool exists (yet) from ksecretsserviced to gnome-keyring or viceversa.

Latest revision as of 02:10, 19 December 2023

Note


KSecretsService logo
KSecretsService logo

KSecretsService is a secrets (e.g. passwords and other authentication credentials) management infrastructure aiming to replace KWallet.

All the source code for this infrastructure can be found on KDE Invent.

Project Structure

KSecretsService
Module Description
ksecretsserviced store the secrets in a secure manner
ksecretsservice Public API to be used by KDE applications
secretsync Tool used to synchronize secrets between several devices
kio Let users browse secrets using the ksecrets:// protocol
kwl2kss KWallet to KSecretsService conversion tool

Roadmap

Task Status
Daemon (ksecretsserviced)
ksecrets specific file format storage Clock face Done
testing and bugfixing Clock face In progress
KDE API (ksecretsservice)
support secret creation and retrieving Done
implement signals Checklist document To Do
Secrets Sync Tool (ksecretssync)
Implement syncing protocol Checklist document To Do
Add IMAP support Checklist document To Do
Add SFTP support Checklist document To Do
ksecrets tool
Specify commands to be added Checklist document To Do
Implement these commands Checklist document To Do
kio (used to display secrets in e.g. Dolphin)
Finish it Checklist document To Do
KWallet conversion tool (kwl2kss)
More testing Checklist document To Do

Notes

Originally this project was started as a means of compliance with an XDG Draft Specification for a 'Secret Storage API' that one can find here (version 0.2, released 2011). It calls for a D-Bus daemon providing a means for applications to securely store and retrieve secrets information. Under KDE, this is considered an implementation detail and KDE applications are supposed to use the client API described above. This is of greatest relevance for those users mixing elements of both the KDE and GNOME desktop environments, as the XDG (Cross Desktop Group) specification is also implemented by GNOME Keyring. Prevailing wisdom currently holds that those users should make a choice about the actual daemon they want to make use of and then stick with it, as no migration tool exists (yet) from KSecretsService to GNOME Keyring or vice versa.