Christian Heimes

Christian Heimes

Christian is a long time Python developer from Hamburg/Germany. In the past he has contributed to several Open Source projects such as the CPython interpreter. In the past years he has helped to keep Python secure, for example as member of the Python security response team, secure hashing (PEP 456) and improvements of Python's TLS/SSL module. Nowadays he is employed by Red Hat and works on OpenShift container security, FreeIPA identity management and Dogtag public key infrastructure.

Sessions Montréal 2022

Debugging TLS and certificate problems

Session en anglais - Intermédiaire

In September 2021 the old root CA of Let’s Encrypt expired, which caused connection issues all over the world. In my talk you will learn how to debug, understand, and avoid problems with TLS connections and certificates. I will introduce you to various techniques and tools like scanners, packet analyzer, and command line tools for investigating problems.

Software supply chain security for Python and others

Session en anglais - Intermédiaire

Modern applications depend on a multitude of Python, Node.js, Rust, or Go packages, which are maintained by strangers and downloaded from public repos. Supply chain can be attacked or fail for other reasons from API breakage to "leftpad", or typo-squatting. In my talk I'll cover techniques and best practices for a stable, secure supply chain as well as insight from a Python security team member and packager for Fedora and CentOS.

Sessions Online 2021

Sessions Montréal 2020

Sessions Montréal 2019

Sessions Montréal 2018

Sessions Montréal 2017