RSS Feed

Gluing Together Usable Desktop Crypto

Real Name of Submitter: 
Stef Walter
Company or Project Affiliation: 
Collabora and GNOME
Short Bio: 

Stef Walter works for Collabora. He's a long time contributer to GNOME, and many other open source projects. He is currently the GNOME Keyring maintainer, and has developed much of Seahorse.

Demystifying crypto and security for users and allowing simple but powerful uses of security technologies is of special interest to him.

He recently from Mexico to Germany, where he lives with his wife and son.

Talk Abstract: 

Desktop applications use a bunch of diverse crypto libraries. While in these are generally technically excellent, the diversity represents an obstacle to a consistent user experience for crypto and security stuff.

Currently users have to deal with configuring each application separately for things like certificate choices, keys and other crypto stuff. Developers often shy away from implementing solid crypto bits in their application because of the formats, storage, management interfaces and other obstacles involved.

This talk will discuss we are gluing together the certificate, key and trust storage across the different crypto libraries and desktops. The effort involves PKCS#11, trust assertions, hardware support, and other new research.

We'll talk about how you can participate or start to make use of this stuff no matter what your choice of toolkit or crypto library.

This is a solid, pluggable foundation for crypto storage and coordination between libraries and desktops. As a result, the user gets a predictable and simple experience. Developers get a solid foundation not only to better security in current applications, but on which to build cool new solutions to the thorny issues of privacy and identity.