I attended DevConf CZ 2023, the 3 days event from Friday to Sunday yesterday.

What is DevConf CZ?

The event DevConf means Developer's Conference with so many technical and non-technical sessions. Total 280 sessions. Over 1100 attendances.

Improving my C language programming skills by working for OpenSSL

In my current work, there are some great things.

I am working at the Ruby language project, and I can learn how to organize big open-source projects. I can contribute to the entire open source domain beyond the Ruby project. Because for example, the Ruby language project uses CI services, and the servers are sponsored. As the project is big and popular, we can be sponsored. Then I have opportunities to the things related to the CI services and servers that other open-source projects also use.

Recently I became a co-maintainer of the Ruby OpenSSL binding library in the specific feature FIPS in OpenSSL. The Ruby library uses OpenSSL library APIs. And the OpenSSL is one of the important components in software.

There is RISC-V Software Thriving (RISE) project launched recently, and that is a collaboration project to thrive RISC-V CPU's software ecosystem for the CPU to be used practically. And if you look at the bottom of the page, OpenSSL is one of the components that they want to focus on. This shows the importance of the OpenSSL in the system. And I am excited to improve my C language skill by working for OpenSSL practically via this opportunity.

Sessions

The highlight of the sessions. Some of the sessions were recorded and will be uploaded to DevConf's Youtube channel.

3 OpenSSL-related talks

• OpenSSL's Journey
  • OpenSSL 3.0 => FIPS 140-2
  • OpenSSL 3.1 => FIPS 140-3
  • OpenSSL 3.2 => QUIC (a replacement of TCP + TLS)
• Migration of OpenSSL - Lightning talk: How to use the source-git (seems a feature of the Packit) to update the dist-git rpms/openssl in the Fedora project easily.
• OpenSSL 3 providers - It's about the implementation. In OpenSSL FIPS, there are 2 providers "base" and "fips". So, this topic is related to the development using the OpenSSL FIPS feature.

2 FIPS talks

• Life beyond FIPS 140-3 - How the stakeholders decide FIPS requirements. Really nice session.
  • How to join the discussion? Join the Cryptographic Module User Forum - Click "Collaboration Tool" to join. I joined.
• Security compliance - I was not able to attend. Later I will watch the recording.

Others

• crypto-auditing: A monitoring tool to observe the used encryption in the system, and alert when the old ones are still used.
• Modern strace
• GNU poke: interactive binary editor.
• Valgrind and GDB - I attend in the middle of the session. I will watch the recording later.
• Dynamic RPM packaging - I was not able to attend it. I will watch the recording later.
• Containers in Car: - I was not able to attend it. I will watch the recording later.

Thanks!

This event didn't happen without great speakers and volunteers. I appreciate that.