[Security-devroom] How to Store Trust: Assertions
Stef Walter
stefw at collabora.co.uk
Thu Dec 9 18:40:54 CET 2010
Stef Walter -- stefw at collabora.co.uk
Affiliation:
Collabora Ltd, GNOME
Maintainer of GNOME Keyring, and has been involved in a large number of
security projects both in the open source community and otherwise.
Demystifying crypto and security for users and allowing simple but
powerful uses of security technologies is of special interest.
Talk Duration: 30 minutes
Talk: How to Store Trust: Assertions
In order to provide a usable foundation for crypto on the desktop, the
various crypto libraries need a way of accessing common information
about the user's preferences with regard to certificates and 'trust'.
"Trust Assertions" provide a way to represent certificate authority
anchors, 'pinned' certificate exceptions, revocation lists, and other
bits of trust information. A common method of accessing this information
is missing from the open source desktop.
We will show how we can make this information available through PKCS#11,
so the user's applications (regardless of crypto library) can act
consistently when making trust decisions.
We'll present one solution, but more importantly: kick start progress in
this area and discuss how we can move forward together.
More information about the Security-devroom
mailing list