Christian Heimes

Christian Heimes

Christian is a long time Python developer from Hamburg/Germany. In the past he has contributed to several Open Source projects such as the CPython interpreter. In the past years he has helped to keep Python secure, for example as member of the Python security response team, secure hashing (PEP 456) and improvements of Python's TLS/SSL module. Nowadays he is employed by Red Hat and works on FreeIPA identity management and Dogtag public key infrastructure.

Montreal 2017 sessions

Sharing secrets in a containerized world

English session - Beginner

Apps and services depend on secrets like tokens or password for authentication. But neither env vars nor files provide secure, flexible and PCI compliant transport mechanism for cloud and containers. With Custodia we developed a HTTP and JSON based protocol and reference implementation for authentication, routing and auditing of secrets. It combines Unix sockets and sVirt with JOSE and PKI to request secrets from a store or 3rd party vault.

Tales from Python core security

English session - Intermediate

The CPython interpreter have seen a fair share of security incidents. As a core contributor and member of the security team I have been involved in fixing security bugs and hardening Python. You will learn about past vulnerabilities in Python's dict implementation and standard library modules, how to avoid common mistakes and recent improvements of ssl, hashlib and random number generator.