I'm liking 1Password's UX, in particular the combination of attention to security and general usability. The key motivator for me to start using it was the Families feature, enabling me to help get the rest of my family using a password manager. Unfortunately, that same feature is a huge blocker for me actually using 1Password, because it requires v6 which does not work on Linux, even under Wine.
As a stop-gap, I would like to see support for running the native app in a Windows 7 VM, and the browser extension in a Linux browser, when using QubesOS (the OS on my personal laptop; I use Ubuntu on my work laptop, where this strategy wouldn't work). This can be done with reasonable security using the Qrexec framework, and should be significantly easier to implement than a full Linux native app, as it roughly ends up being:
[Browser extension] ---> 127.0.0.1:6263 [netcat] --- stdin/out --> [qrexec Linux VM] --- Qubes RPC --> [qrexec Win7 VM] --- stdin/out --> [netcat] ---> 127.0.0.1:6263 [Native app]
It would also probably be necessary to register a URL handler on the Linux side for the
onepassword4-extension:// triggering URL, which would send the trigger over Qubes RPC to the native app.
I actually attempted to implement this myself (along the lines of Split-GPG and Split-SSH), but ran into the semi-documented 1Password browser process signing verification, which obviously fails for netcat! But in theory it should be possible to bundle that signature verification into the Qrexec client-side on Linux, and then verify the signature of the Qubes Windows Tools in the Qrexec server-side on Windows before allowing it to communicate with the native app.
I think this would fit in well with your existing security model, would be a much lower toll on your development team, and would provide a workable alternative for Linux users until the Windows app works over Wine
1Password Version: 6.5.401d
Extension Version: 4.6.6
OS Version: QubesOS 3.2, Windows 7 x64
Sync Type: Not Provided