DevConf.CZ 2019 has ended

Saturday, January 26 • 1:30pm - 2:20pm
Understanding TLS certificate validation errors

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Last year, we asked 75 developers to validate five certificates and understand the error messages they got.

Why did or didn't they succeed? What were the most common misconceptions? What resources did people use to determine the security consequences? Can we improve the situation by creating better documentation?
In our research, we focused on error messages and documentation regarding the validation of TLS certificates. We'll present insights from the DevConf 2018 research booth, answering the questions from the previous paragraph.

We use TLS certificate validation as a real-world example to spark conversation on usable security and developer experience.
This research is a part of the academic cooperation of Red Hat and Masaryk University.

avatar for Martin Ukrop

Martin Ukrop

usable security researcher, Masaryk University
Security researcher and Ph.D. candidate at the Centre for Research on Cryptography and Security at Masaryk University, Czech Republic. My research efforts are also supported by Red Hat Czech. I aim to make security usable for IT professionals that lack a specialized training in computer... Read More →

Saturday January 26, 2019 1:30pm - 2:20pm

Attendees (73)