Really enjoyed the Desktop Summit, and meeting everyone there. The only bummer part was the network connectivity. My employer Collabora sponsored my trip and work.
My talk went well (slides), and we had a great time discussing things afterwards. LWN wrote an article about the talk (the article will be …
I’m off the the Desktop Summit shortly. Going to be giving a talk about gluing together desktop crypto (Oh boy, there’s a life size picture of me at that link. I wonder why it ended up so big? Hrmmmm….)
My first time in Berlin, and it sounds like …
Went to FOSDEM last weekend. It was a cool and crazy conference: packed rooms, great talks, good friends, much beer. I enjoyed finally meeting the Collabora guys I’m now working with.
I hung out in the absolutely packed security devroom the first day, superbly organized by Martin Paljak from …
Trust assertions are bits of trust information used by applications to make trust decisions about certificates. For example, trust assertions can represent certificate authority anchors, pinned certificate exceptions, or revocation lists. Trust assertions do not represent the trust decision itself, but they’re used in a trust decision.
By using …
I was evaluating use of GObject for small plentiful short-lived objects in libgck. I wanted to see how their performance compared to custom reference counted structures. Turns out it’s not as bad as I imagined.
The speed difference on my system, with a simple test program, ended up being …
In an effort to get better organized, I’ve put together a page listing the goals of the gnome-keyring and seahorse projects. It’s all broken down into tasks, plans, and what’s already done.
The basic jist of it is to make crypto and security a usable experience on …
I’ve been working on some specifications for storage of ‘trust’. This a sufficiently vague and abstract concept to require a hoity toity name: Trust Assertions
Trust assertions are used to assign an explicit level of trust to a public key or certificate. I’ll just refer to certificates below …
The new certificate and key view widgets are now merged into gnome-keyring master. They live in libgcr: a library for crypto UI widgets and crypto helpers.
The goal of the widgets are to have a simple mode, where only the information needed for a user to uniquely identify a certificate …
In gnome-keyring we use PKCS#11 for the storage of keys and
certificates. PKCS#11 is standard sort of a plugin API that allows
drivers or software to provide key storage and crypto algorithms to an
application.
libgck is a GObject wrapper of PKCS#11. Still pretty low level but …
I gave a talk on Wednesday about using a common certificate and key store across the desktop and using common widgets for crypto bits.
Sadly the talk was at the same time as a big release team announcement/talk. Notwithstanding more people came than I expected.