Presenters
Source
🚀 O7 Demon: The Future of Secret Service is Here! 🛠️
Hey everyone! 👋 Danuka recently gave a fascinating update on a project that’s poised to revolutionize how we handle secrets on our systems: O7 Demon. If you’re familiar with NOM keying, get ready for a change! This blog post will break down what O7 Demon is, what’s been accomplished, what’s still in progress, and how you can get involved.
What’s O7 Demon and Why Should You Care? 🌐
O7 Demon is a new secret service provider designed to replace NOM keying. Think of it as the gatekeeper for your sensitive data – passwords, encryption keys, and more. It’s a big deal because it’s built with modern technology and aims to be more robust and secure.
- Core Tech Stack: It’s built using Rust, leveraging the O7 client library and Zbus. This combination brings a lot of advantages, including improved performance and safety.
- Funding & Collaboration: This project is a collaborative effort, initially funded by STF (Secure Technology Facilities), with significant contributions from Sony and Tobias. A new round of funding, thanks to Adrian and others, is now enabling further development.
- The “Why”: NOM keying has served us well, but O7 Demon represents the next evolution, bringing with it the benefits of modern development practices and technologies.
🎉 What’s Been Accomplished? A Look at the Progress!
Danuka highlighted some impressive milestones already achieved with O7 Demon. Let’s dive in:
- API Implementation: A significant portion of the free desktop secret service API has been implemented. This is a major step toward full functionality.
- Systemd Credential Integration: This is a particularly exciting feature! If you have a systemd credential name and an encryption password, you no longer need to repeatedly authenticate during boot. This translates to a smoother, faster user experience.
- Nome Integration: The prompt implementation for Nome is complete. For those feeling adventurous, you can now start using O7 Demon and stop using NOM keying! This is a testament to the project’s maturity.
- Key Statement: “If you have just the login keyring and you are feeling adventurous, you can start using o7 demon today and stop using nom keyring.”
🚧 What’s Still on the Roadmap? 🗺️
While the progress is fantastic, there’s still work to be done. Here’s what’s on the team’s radar:
- Multiple Curing Support: Currently, support for managing multiple curing (key storage areas) is missing. This is a priority for future development.
- Automatic Default Curing Unlock: Automatic unlocking of the default curing is another area needing attention.
- Password Propagation: A crucial piece is missing: the ability to properly propagate password changes. Currently, if a user changes their password, the system doesn’t automatically reflect that change in O7 Demon.
- Testing: More comprehensive testing is needed to ensure stability and reliability.
🌟 What’s Next? The Future of O7 Demon!
The future looks bright for O7 Demon! The new funding will allow the team to focus on:
- Completing Secret Service Implementation: The goal is to finish the implementation of the secret service functionality.
- Introducing Secret Handling in Systemd: Integrating secret handling directly into systemd will be a game-changer.
- First Release: The team is eagerly looking forward to their first release, bringing these advancements to users.
👨💻 Get Involved!
Want to learn more or contribute to the project? Here’s how:
- Follow the Project: Stay updated on progress and announcements. (Links were provided in the presentation - check for those!)
- Contribute: If you’re a developer, consider contributing to the project. Your skills and expertise can help shape the future of secret service management!
O7 Demon represents a significant leap forward in how we manage secrets. It’s a project worth watching – and potentially contributing to – as it paves the way for a more secure and user-friendly computing experience. Let’s embrace this evolution and build a stronger foundation for our digital lives! ✨