Name: Life beyond FIPS 140-3: identity tales
Start: 2023-06-18T12:30:00+0200
End: 2023-06-18T13:40:00+0200

Life beyond FIPS 140-3: identity tales

Feedback form is now closed.

FIPS 140-3 standard has been published by NIST in 2019. When an operating system environment is put into a compliance with FIPS 140 standard series, the requirements extend to applications running in the environment as well. Each FIPS 140 standard generation was bringing ground breaking changes at the time, FIPS 140-3 is no different and its enforcement is like a snow at winter: we know things will break and they get broken but at a surprising angle.

The talk will look into how FIPS 140-3 affects identity management solutions with a focus on FreeIPA and Samba AD DC. These projects implement a complex stack of protocols whose lifetime spans more than forty years. Introducing new compliance requirements highlight hidden issues that weren't addressed for decades. Many of the issues intertwine protocol design evolution and implementation details. They also affect Linux systems' administrators in surprising and unpredictable ways.

Speakers

Alexander Bokovoy

Sr. Principal Software Engineer, Red Hat

Sr. Principal Software Engineer at Red Hat, working on security and identity management. Actively participates in FreeIPA, SSSD, Samba, and many other free software projects targeting an open source enterprise environments.

Julien Rische

Software Engineer, Red Hat

MIT Kerberos maintainer for Fedora, CentOS and RHEL, and contributor to FreeIPA.

presentation pdf

Sunday June 18, 2023 12:30pm - 1:40pm CEST
G202 | Talks

DevOps and Automation & Security and Compliance, Two part session

Audience Intermediate
Stream only https://youtube.com/live/_igS-VWZ5-Y
Chat https://matrix.to/#/#g202:devconf.cz

Devconf.cz 2023

Alexander Bokovoy

Julien Rische

Attendees (55)

Devconf.cz 2023

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Alexander Bokovoy

Julien Rische

Attendees (55)