More secure with less "security"

Stef Walter

Application developers often regret having to deal with security stuff such as certificates or encryption.

This talk will show simple approaches to take in GNOME to relieve app authors of much of this security-related complexity, while at the same time meeting user expectations of privacy.

Topics include:

  • How to store account passwords in your configuration/settings securely, even when your app is used in a (future) sandbox.
  • The simple but correct way to use SSL/TLS to connect securely to online services.
  • How to (not) deal with prompting the user about invalid certificates and so on.
  • Using single sign-on to remove prompting for passwords.

We'll also highlight some of the infrastructure work that's been done to simplify security, such as the common storage for certificates, secret storage, authentication and so on.