Can we use the OS X Keychain as the data store for the Mac version of the Moonshot client software?

Asked by Pete Fotheringham on 2011-12-02

For the Mac port of the Moonshot Client software (moonshot-ui in the initial implementation), we planned to reuse the Linux code which uses DBus to prevent multiple concurrent write access to the datastore. In the Revised Client Architecture (http://www.project-moonshot.org/devwiki/design/revisedclientarchitecture/) this is the role of the identity-storage-server entity.

It has been suggested that we could instead use the OS X Keychain to fulfil this role. My initial response is that this would have a number of advantages including:
+ not having to use DBus in the Mac implementation at all;
+ less code to maintain
+ less complexity in our software.

I'm raising this issue here so that discussions can be tracked before a decision needs to be made.

Question information

Language:
English Edit question
Status:
Solved
For:
Project Moonshot Edit question
Assignee:
No assignee Edit question
Solved by:
Pete Fotheringham
Solved:
2011-12-06
Last query:
2011-12-06
Last reply:
2011-12-06

This question was reopened

Sam Hartman (hartmans) said : #2

From the moonshot side, there is certainly no problem using the keychain. The biggest question will be whether the keychain can look up based on all the right columns to meet all the requirements of the identity selector.
Another question I'd have is whether there is enough in common between the Mac keychain and Gnome Keyring that you can have some code in common for both.

If the Keychain does not (and cannot be persuaded to) meet our requirements, then we can re-use the DBus method from the Linux implementation as originally planned. We'll find out nearer the time!

Gnome Keyring would be interesting, but we can't assume it will be available on all Linux systems. Anyway, for now, the DBus method works for Linux. Making a different storage server which does use Gnome Keyring is an interesting piece of work for the future.

Sam Hartman (hartmans) said : #4

>>>>> "Pete" == Pete Fotheringham <email address hidden> writes:

    Pete> Gnome Keyring would be interesting, but we can't assume it
    Pete> will be available on all Linux systems. Anyway, for now, the
    Pete> DBus method works for Linux. Making a different storage server
    Pete> which does use Gnome Keyring is an interesting piece of work
    Pete> for the future.

I think you're missing my point. My question is is there design effort
that should be shared between an eventually Gnome Keyring server and
Keychain server. Regardless of whether you implement Gnome bindings
today.
I am not familiar enough with either interface to know the answer to
this.

You're correct I had missed your point. When I get to thinking about the Keychain server, I will keep the Gnome keyring in mind, and try do things in a way that could work with both.
Thanks.