Photo of a talk at GUADEC 2010, with speaker talking and several attendees with laptops By Mario Sánchez Prada [CC-BY-SA-2.0], via Flickr

More secure with less “security”

Application developers often regret having to deal with security stuff such as certificates or encryption.

This talk will show simple approaches to take in GNOME to relieve app authors of so much security related complexity, while at the same time meeting user expectations of privacy.

Topics include:

  • How to store account passwords in your configuration/settings  securely, even when your app is used in a (future) sandbox.
  • The simple but correct way to use SSL/TLS to connect securely to online services.
  • How to (not) deal with prompting the user about invalid certificates and so on.
  • Using single sign on to remove prompting for passwords.

We’ll also highlight some of the infrastructure work that’s been done simplify security, such as the common storage for certificates, secret storage, authentication and so on.

Save the date!
Sunday, August 4th
10:40 – 11:25