[Authentication] Open Issue: Transient Collections

[Michael Leupold]

Stef Walter schrieb:
> One thing we haven't covered in the spec is collections that only live
> for the user's current desktop login session.
> 
> In gnome-keyring we have a 'session' keyring which does this. Do we want
> to have something like this in the secrets API? Among other things, it
> seems like it would be useful for browsers to create temporary collections.

We currently don't have such a feature directly in KWallet but we do 
have KPasswdServer which caches authentication information for some time 
(actually not the whole session but less). What are session keyrings 
used for in GNOME?

> There are two lifetimes here, that could be useful:
> 
>  * For the life of the dbus caller. Destroyed when the caller
>    leaves the service.
> 
>  * For the life of the user's desktop login session.
> 
> Any other ideas on how to bring this into the spec?

I'm thinking on which secrets browsers could use that:
- afaik cookies have a lifetime that is neither
- I wonder how to present a "remember but only till I log off" option to 
the user

But that's just some brainstorming, maybe some of the browser folks 
around could shed some light on how such a feature could be used in 
their apps before we decide on this.

Apart from that I think the second option makes more sense. The first 
one sounds like something that could be done inside an application (or 
using a client-only part of the api if access is meant to be done 
secret-service-like).

Regards,
Michael