Index ¦ Archives ¦ Atom > Tag: security

More secure with less “security”

At GUADEC in Brno, I gave a talk about usability and security prompts.

The video and slides is now online. I’m really impressed with how fast the videos became available this time around.


How to create an Active Directory domain to test against

Many interested people want to help test the Active Directory work and bug fixes we’ve been doing. But sadly there’s no public Active Directory servers that I know of. So here’s how to setup a virtual machine with your own Active Directory. It’s not that hard …


Kerberos and Active Directory Logins

Ray and I and some others have been working on making it easy to use Kerberos single sign on with GNOME 3.6. The feature itself isn’t super revolutionary. You sign in with your realm login (eg: your Active Directory user name and password) and then you can go …


VMWare Player on Fedora 16

I have some VMWare VM’s I’ve been using here and there. I probably should convert them to Virtual Box, but I’ve had a rough time getting that working as well.

So … every time you upgrade the kernel, VMWare barfs because kernel headers have changed. Usually I look …


Redesigning the Seahorse Experience

As part of the work on getting smart cards into Seahorse, there’s some design work that needs to be done to make the new functionality usable. In particular, the overarching design goal is that Seahorse isn’t a tool we expect users to “learn”. Actions should follow mostly from …


Importing certificates and keys

I’ve been working on an importer for keys and certificates that can work with PKCS#11 key storage, such as smart cards, NSS or gnome-keyring.

Here’s a demo of it in action. If you want to try this out yourself, you’ll need:


Introspecting Certificates

Today I merged in a contribution from Evan Nemerson for GObject introspection support into the Gcr and Gck libraries. I ended up tweaking thousands of lines of comments and code, filed some bugs and so forth.

But the end result is you use PKCS#11 and stuff like the Gcr …


Smart card icons

I’ve been working on smart card integration into Seahorse, and as part of that we need icons for smart cards. I had fun putting together something today:

Smart card icons

Obviously not perfect, but I’m happy with the result. The tools and info in gnome-icon-theme are really nice.

At some point …


Ditching Certificate Authorities with Convergence

Listened to Moxie’s talk about Trust Agility and ‘Convergence’. Sounds like a viable candidate for ditching the Certificate Authority mess, or at least part of a solution. Go watch the video if you haven’t already.

I was thinking about how we could implement support for Convergence in GNOME …


Viewer for Certificate and Key files

So a lot of the work I do doesn’t have any user interface. The best user interface is no user interface, well one that isn’t needed. But recently I’ve been working some tools to view the plethora of certificate and key formats out there. So I couldn …

© Stef Walter. Built using Pelican. Theme by Giulio Fidente on github. .