OpenSync desktop synchronisation support

[GoogleCodeExporter]

There are a huge number of issues open for import/export of file formats 
for other applications. I think it would be safe to assume that everyone 
would rather have their passwords kept in sync with their desktop 
application, rather than simply importing them and letting them diverge 
over time.

Fortunately, Secrets could solve both problems at the same time. If 
Secrets created an OpenSync (http://www.opensync.org) conduit to convert 
Secrets files to/from a generic XML format, it would allow synchronisation 
of Secrets files with other Secrets files (over a number of transport 
options, such as USB, Bluetooth, WiFi). Secrets developers could then 
create conduits to convert the most important formats to/from the XML 
format. This would allow these formats to synchronise with other files in 
that format, or with the Secrets format, or any other formats that have a 
conduit.

This approach may be slightly more work for the first format or two, but 
would have the epic advantage that it makes it increasingly attractive for 
other projects to write a converter to/from the XML format (perhaps to get 
support for KeePass), which would give Secrets that ability as well.

Original issue reported on code.google.com by lunatick...@gmail.com on 5 May 2010 at 2:25

[GoogleCodeExporter]

This sounds like a good idea.  How would this be integrated into secrets?  
Would 
secrets link against a library that can parse the xml files, or would secrets 
parse 
the files itself?

Can you provide an example xml file that would be used for password management 
type 
apps?

Thanks.

Original comment by roge...@gmail.com on 22 May 2010 at 3:42

• Added labels: Import, Priority-Low, Type-Enhancement
• Removed labels: Priority-Medium, Type-Defect

[GoogleCodeExporter]

Original comment by roge...@gmail.com on 22 May 2010 at 4:14

• Changed state: Accepted

[GoogleCodeExporter]

My understanding is that there is a libopensync, so Secrets would need to write 
a
plugin that converts from Secrets format to something more generic.

I don't know a lot about the technical aspects, but I don't think that any other
password programs use OpenSync -- probably because no others use it yet.

I would expect that the OpenSync devs would be keen to help you do this. The 
list is
here:
https://lists.sourceforge.net/lists/listinfo/opensync-devel

Original comment by lunatick...@gmail.com on 7 Jun 2010 at 8:41

[GoogleCodeExporter]

I can only hope you're not thinking about adding a network sync. I really that 
warm fuzzy feeling of safety when the application I use to store some of my 
secrets does not even have the permission to send anything over the network.

We can argue that it's an open source app, so everybody would see if it was 
doing something wrong, but network access would still make me feel uneasy. In 
the end it's not like someone is screening every update?

Paranoid? Maybe a bit. But there's plenty of other applications that support 
more or less elaborate synchronisation scenarios. Personally, I like the 
simplicity of this application as is — just stores stuff, and exports them on 
the card, if you ask it to. I hope such option will stay there forever.

Original comment by pitk...@gmail.com on 24 Oct 2010 at 9:13

[GoogleCodeExporter]

Hi pitkali,

You are not paranoid, nor are you alone in getting that warm and fuzzy feeling 
about apps that don't have internet access.  At this point internet access is 
not a permission that Secrets will ever ask for.

Sync'ing with the "desktop" is something that lots of people have asked for 
though, and even I sometimes wished there was something like that.  I've been 
thinking about a solution to this problem for a little while now (and because 
of these security issues I'm moving deliberately slowly).  The solution is 
along the lines of installing a second, totally separate app that privately 
communicates with Secrets and syncs with some online service (not a desktop).

The bottom line then is this: those who don't need sync'ing can install Secrets 
only, with no ability for your secrets to reach the internet.  Those who want 
sync'ing would need to install another app as well, with the knowledge that 
this configuration will send your secrets to an online destination of their 
choice.

Does this still give you that warm and fuzzy feeling?

Original comment by ro...@tawacentral.net on 24 Oct 2010 at 2:01