Keymaster: Usable Short-term Credentials with Multi-Factor Authentication

Speakers: Camilo Viecco and Richard Gooch (Symantec Corporation)

Camilo is a Software Engineer in Symantec's Cloud Platform Engineering division. Previously he was at Mozilla where he lead the implementation of HPKP. You can find him online looking for ways to enhance security and privacy while not compromising usability.

Richard is a Technical Director at Symantec. Previously he was at Google. He writes code, sponsors cool projects like Keymaster and deals with email.

The speakers will present a multi-factor authentication system which issues short-lived credentials (SSH certs, SSL certs, Kerberos tickets, API keys, etc.) to users. This system is easy to use, configure and administer. This is an Open Source project developed within Symantec for its Cloud Platform with the goals of reducing or eliminating long-lived credentials which are difficult to revoke, adding second factor authentication to remote shell access while reducing friction for our users.

There will be a live, audience participation demonstration, so bring your laptops and U2F tokens if you have them!