[Authentication] Open Issue: Transient Collections
Stef Walter
stef-list at memberwebs.com
Mon Aug 31 19:20:19 PDT 2009
Josef Kufner wrote:
> Michael Leupold píše v Ne 30. 08. 2009 v 23:35 +0200:
>> Stef Walter schrieb:
> [...]
>>> * For the life of the user's desktop login session.
>>>
>>> Any other ideas on how to bring this into the spec?
>> I'm thinking on which secrets browsers could use that:
>> - afaik cookies have a lifetime that is neither
>> - I wonder how to present a "remember but only till I log off" option to
>> the user
>
> Do not forget that many users only suspend their machines, so "until I
> log off" can be more than few months... There should be some 'big red
> button' which forces to forgot these short-live passwords & cookies --
> for example while suspending.
When suspending/hibernating, gnome-keyring locks all keyrings and clears
the session keyring. When unlocking (after wakeup) any 'auto unlock'
keyrings are unlocked.
Similar behavior will most likely continue once we have the secrets API
implemented. Obviously such behavior is outside the spec though.
Cheers,
Stef
More information about the Authentication
mailing list