At GUADEC in Brno, I gave a talk about usability and security prompts.

The video and slides is now online. I’m really impressed with how fast the videos became available this time around.

Many interested people want to help test the Active Directory work and bug fixes we’ve been doing. But sadly there’s no public Active Directory servers that I know of. So here’s how to setup a virtual machine with your own Active Directory. It’s not that hard …

Ray and I and some others have been working on making it easy to use Kerberos single sign on with GNOME 3.6. The feature itself isn’t super revolutionary. You sign in with your realm login (eg: your Active Directory user name and password) and then you can go …

I have some VMWare VM’s I’ve been using here and there. I probably should convert them to Virtual Box, but I’ve had a rough time getting that working as well.

So … every time you upgrade the kernel, VMWare barfs because kernel headers have changed. Usually I look …

As part of the work on getting smart cards into Seahorse, there’s some design work that needs to be done to make the new functionality usable. In particular, the overarching design goal is that Seahorse isn’t a tool we expect users to “learn”. Actions should follow mostly from …

I’ve been working on an importer for keys and certificates that can work with PKCS#11 key storage, such as smart cards, NSS or gnome-keyring.

Here’s a demo of it in action. If you want to try this out yourself, you’ll need:

• latest gcr library from gnome-keyring …

Today I merged in a contribution from Evan Nemerson for GObject introspection support into the Gcr and Gck libraries. I ended up tweaking thousands of lines of comments and code, filed some bugs and so forth.

But the end result is you use PKCS#11 and stuff like the Gcr …

I’ve been working on smart card integration into Seahorse, and as part of that we need icons for smart cards. I had fun putting together something today:

Obviously not perfect, but I’m happy with the result. The tools and info in gnome-icon-theme are really nice.

At some point …

Listened to Moxie’s talk about Trust Agility and ‘Convergence’. Sounds like a viable candidate for ditching the Certificate Authority mess, or at least part of a solution. Go watch the video if you haven’t already.

I was thinking about how we could implement support for Convergence in GNOME …

So a lot of the work I do doesn’t have any user interface. The best user interface is no user interface, well one that isn’t needed. But recently I’ve been working some tools to view the plethora of certificate and key formats out there. So I couldn …