diff options
| author | Stef Walter <stefw@redhat.com> | 2014-11-04 11:31:31 +0100 |
|---|---|---|
| committer | Stef Walter <stefw@redhat.com> | 2014-11-04 13:55:32 +0100 |
| commit | 0968f903fe66f9bb8957b8d01e35f3743c74404b (patch) | |
| tree | 5928fbcdf458575c77cbfe8edac12afc7d71b768 /content/technical/talk-at-guadec-on-integration-of-certificate-and-key-storage.md | |
| parent | 054fed351b16d608f6ae4b8fd3cf3a38434117bd (diff) | |
Brought old blog over
Diffstat (limited to 'content/technical/talk-at-guadec-on-integration-of-certificate-and-key-storage.md')
| -rw-r--r-- | content/technical/talk-at-guadec-on-integration-of-certificate-and-key-storage.md | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/content/technical/talk-at-guadec-on-integration-of-certificate-and-key-storage.md b/content/technical/talk-at-guadec-on-integration-of-certificate-and-key-storage.md new file mode 100644 index 0000000..9d27cc6 --- /dev/null +++ b/content/technical/talk-at-guadec-on-integration-of-certificate-and-key-storage.md @@ -0,0 +1,87 @@ +Title: Talk at GUADEC on Integration of Certificate and Key Storage +Date: 2010-05-14 +Tags: technical, security, gnome +Slug: talk-at-guadec-on-integration-on + +I'll be attending GUADEC for the first time. Not only that but I'll be +giving a talk. I'm a bit nervous, but excited! + +The talk is about integrating various +applications using keys and certificates to use a common key +storage. + + + + + + + + + + + + +Currently each application puts their +certificates and private keys in distinct locations, which make it hard +for the user, but also for application developers, since new +applications integrating crypto need to work out a whole raft of things +such as secure key storage. + + + + + +- Currently when you need to use a + certificate with network-manager and a wireless connection, you have + to specify three files in a fragile formats. +- When using certificates with + evolution or firefox or thunderbird each application stores them in + their own key storage. +- SSH Keys (which are in fact the same + sort as the above) are stored in `~/.ssh` + + + +It's a little bit like each application +not sharing a filesystem, but having their own part of the disk to write +their documents to. With GPG we have all applications sharing the same +keyring (per-user obviously), but so far this hasn't been the case with +X.509 certificates and keys. + + + + + + + + + + + + +Because of the development in +gnome-keyring around a standard called PKCS\#11 it's now possible to +integrate the key storage between applications, and in our talk we'll +discuss how to do this in a secure, transparent and configurable +way. + + + + + + + + + + + + + + +This also means it'll be easier for +applications to gain support for keys, and to have smart card related +features and other stuff like that in the future.</span> + + + + |