Interesting Snippets from 2020-05-17

• GitHub - smallstep/cli: 🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

  step is a zero trust swiss army knife that integrates with step-ca for automated certificate management. It's an easy-to-use and hard-to-misuse utility for building, operating, and automating systems that use zero trust technologies like authenticated encryption (X.509, TLS), single sign-on (OAuth OIDC, SAML), multi-factor authentication (OATH OTP, FIDO U2F), encryption mechanisms (JSON Web Encryption, NaCl), and verifiable claims (JWT, SAML assertions).

• GitHub - smallstep/certificates: 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

  An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. This repository is for step-ca, a certificate authority that exposes an API for automated certificate management. It also contains a golang SDK for interacting with step-ca programatically. However, you'll probably want to use the step command-line tool to operate step-ca and get certificates, instead of using this low-level SDK directly.

• Everything Public Key Infrastructure (PKI) - The Missing Manual | Smallstep Blog

  Certificates are the best way to identify code and devices, and identity is super useful for security, monitoring, metrics, and a million other things. Using certificates is not that hard. No harder than learning a new language or database. It's just slightly annoying and poorly documented.

[/snippets] permanent link