From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 18 Aug 2023 17:22:46 +0000 (+0200)
Subject: update TODO
X-Git-Tag: v255-rc1~688
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5227b72db3801c339f7cf7c6235103fbd2bd2b19;p=thirdparty%2Fsystemd.git

update TODO
---

diff --git a/TODO b/TODO
index 3325779eb6c..2ba0666d4aa 100644
--- a/TODO
+++ b/TODO
@@ -95,6 +95,14 @@ Janitorial Clean-ups:
 
 Deprecations and removals:
 
+* homed: add a basic form of of secrets management to homed, that stores
+  secrets in $HOME somewhere, is protected by the accounts own authentication
+  mechanisms. Should implement something PKCS#11-like that can be used to
+  implement emulated FIDO2 in unpriv userspace on top (which should happen
+  outside of homed), emulated PKCS11, and libsecrets support. Operate with a
+  2nd key derived from volume key of the user, with which to wrap all
+  keys. maintain keys in kernel keyring if possible.
+
 * Remove any support for booting without /usr pre-mounted in the initrd entirely.
   Update INITRD_INTERFACE.md accordingly.