> Hm... or maybe only the 'password' type fields should be stored in > keychain and every other form field can be provided on the command > line? Those ones aren't secret, after all. Yeah, I agree. Keychain should only fill the password type field. > We do still need to allow for the fact that there might be multiple > passwords though (and one day, maybe some saveable and some not, for > example a password and a separate OTP). But specifying on the command > line which password(s) to save would be OK, I think? Yes, that's why I mentioned in previous email asking user to save it or not in Keychain, but giving it as an argument would be better option. I knew it because for my personal usage, the form requires two passwords and one is for OTP as exactly what you described. Let me change a little bit more on my patch. > FWIW what I'd *really* like to see is SSL certificate support using the > keychain... Looks like GnuTLS has common API that is for supporting system key store, however, according to their documents, it?s at this moment only supporting Windows one. I think it may be not much difficult to use Keychain to lookup certificates and keys like what current `ANDROID_KEYSTORE` does. Let me try after implementing above changes for passwords. Y -- Yoshimasa Niwa
