Comment 124 for bug 41179

Hey guys, just wanted to give a heads up here...

I gave a talk at GUADEC which presented an alternate password storage model, where the secret service provides a master key to apps (like firefox) via standard interfaces like the linux kernel keyring. Apps can use this key to encrypt their own password storage database.

The above works well in the case of sandboxing. I think it also fits really well within the firefox model. You don't have to worry about things like async access for each password to another daemon.

I feel bad posting this here without more details, but over the next few days I'm going to clean up my slides, and do some blog posts about this.

You can see a bit of history here:

http://lists.freedesktop.org/archives/authentication/2013-May/000267.html