KDE Utils/ksecretsservice
Note
KSecretsService is a secrets (e.g. passwords and other authentication credentials) management infrastructure aiming to replace KWallet.
All the source code for this infrastructure can be found on KDE Invent.
Project Structure
| Module | Description |
|---|---|
| ksecretsserviced | store the secrets in a secure manner |
| ksecretsservice | Public API to be used by KDE applications |
| secretsync | Tool used to synchronize secrets between several devices |
| kio | Let users browse secrets using the ksecrets:// protocol |
| kwl2kss | KWallet to KSecretsService conversion tool |
Roadmap
| Task | Status |
|---|---|
| Daemon (ksecretsserviced) | |
| ksecrets specific file format storage |  Done
|
| testing and bugfixing | In progress
|
| KDE API (ksecretsservice) | |
| support secret creation and retrieving |  Done
|
| implement signals |  To Do
|
| Secrets Sync Tool (ksecretssync) | |
| Implement syncing protocol | To Do
|
| Add IMAP support | To Do
|
| Add SFTP support | To Do
|
| ksecrets tool | |
| Specify commands to be added | To Do
|
| Implement these commands | To Do
|
| kio (used to display secrets in e.g. Dolphin) | |
| Finish it | To Do
|
| KWallet conversion tool (kwl2kss) | |
| More testing | To Do
|
Notes
Originally this project was started as a means of compliance with an XDG Draft Specification for a 'Secret Storage API' that one can find here (version 0.2, released 2011). It calls for a D-Bus daemon providing a means for applications to securely store and retrieve secrets information. Under KDE, this is considered an implementation detail and KDE applications are supposed to use the client API described above. This is of greatest relevance for those users mixing elements of both the KDE and GNOME desktop environments, as the XDG (Cross Desktop Group) specification is also implemented by GNOME Keyring. Prevailing wisdom currently holds that those users should make a choice about the actual daemon they want to make use of and then stick with it, as no migration tool exists (yet) from KSecretsService to GNOME Keyring or vice versa.