Consistent PKCS#11 in Operating Systems
improving user experience and security in RHEL and Fedora
- Track: Security devroom
- Room: UD2.218A
- Day: Sunday
- Start: 16:30
- End: 16:55
During last year, we worked hard to make cryptographic tokens usage consistent across the operating system and to improve its usability, mostly using the means of PKCS#11 URIs. This was done for both administrators and end users, in the end resulting in easier configuration of HSMs and authentication using smart cards and cryptographic tokens.
I will outline what we worked on to improve the user experience and support for smart cards, cryptographic tokens and HSMs across the operating system. I will share experience with implementing or improving this support across various applications, libraries and tools, experience with testing them and making sure they work together in Linux distribution. I will focus on the current state in Fedora and RHEL 8 and propose some future steps that we have yet to take.
Speakers
Jakub Jelen |