From 5227b72db3801c339f7cf7c6235103fbd2bd2b19 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 18 Aug 2023 19:22:46 +0200 Subject: [PATCH] update TODO --- TODO | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/TODO b/TODO index 3325779eb6c..2ba0666d4aa 100644 --- a/TODO +++ b/TODO @@ -95,6 +95,14 @@ Janitorial Clean-ups: Deprecations and removals: +* homed: add a basic form of of secrets management to homed, that stores + secrets in $HOME somewhere, is protected by the accounts own authentication + mechanisms. Should implement something PKCS#11-like that can be used to + implement emulated FIDO2 in unpriv userspace on top (which should happen + outside of homed), emulated PKCS11, and libsecrets support. Operate with a + 2nd key derived from volume key of the user, with which to wrap all + keys. maintain keys in kernel keyring if possible. + * Remove any support for booting without /usr pre-mounted in the initrd entirely. Update INITRD_INTERFACE.md accordingly.