Michael Catanzaro <mcatanzaro@xxxxxxxxx> writes: > On Wed, Nov 4, 2020 at 1:12 pm, Ben Cotton <bcotton@xxxxxxxxxx> wrote: >> Despite its original goal to be the central cryptographic service on >> desktop, the scope of GNOME Keyring has been gradually reduced over >> years. Notable examples are >> [https://bugzilla.gnome.org/show_bug.cgi?id=750514 gpg-agent removal] >> in 2015, [https://bugzilla.gnome.org/show_bug.cgi?id=791401 PKCS #11 >> module deprecation] > > Any plans to finish the PKCS#11 module deprecation work? Currently the > module cannot be removed as it implements public gcr API needed by > GNOME applications like geary. It's a bit off-topic to this Change proposal, but let me briefly answer: the original plan was to make the gcr API to use p11-kit-trust.so instead of gnome-keyring.so to store the trust assertion information. Later we realized that this approach requires significant effort, including the enablement of p11-kit-trust's per-user trust store by default, which is currently disabled at compile time. On the other hand, the use-case is quite limited (the only affected application I know of is geary). I suspect a more practical plan might be to let gcr maintain trust assertions in a local file by its own. I haven't had time to investigate this possibility further, but if anyone is willing to work on it, that would be certainly appreciated. Regards, -- Daiki Ueno _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
