Public key infrastructure - Wikipedia

Introduction Blockchains are all the rage. The oldest and biggest blockchain of them all is Bitcoin , which over its eight-year hist...

I try to read every book by Neal Stephenson because he writes characters that I wish I could be, or perhaps are the closest to from any other characters in f...

Introduction Blockchains are all the rage. The oldest and biggest blockchain of them all is Bitcoin , which over its eight-year hist...

Random collections of my notes and articles over the years, mostly about maths and/or engineering.

Today we’re proud to introduce CFSSL—our open source toolkit for everything TLS/SSL. CFSSL is used internally by CloudFlare for bundling TLS/SSL certificates chains, and for our internal Certificate Authority infrastructure.

Free online tool to decode X.509 certificates (PEM format). Instantly view details like issuer, subject, validity, SAN, and more. Secure decoding happens in your browser.

A community dedicated to discussing the big picture: humans, technology, and the connections between them, with an eye towards avoiding techno-dystopian outcomes.

Disclaimer: I did have to sign a NDA, so I can't go too in depth on certain details. But I'll do my best to capture the essence of it. Aft…

Certificate Transparency

In this blog post I talk about what it takes to delivery software securely to the general public. Some gamers are worried the leaked CS source code might mean their machines are unprotected. Their concerns are valid, but this shouldn't be something they should worry about if developers do their work right... and I believe Valve is probably doing it right, so no need to panic.

This post is the fourth in a series on mobile security where we are exploring the Android platform, how security is approached in a mobile context, and what that means for future mobile platforms like …

Fang-Pen Lin's blog about programming

Bootstrap Kubernetes the hard way. No scripts. Contribute to kelseyhightower/kubernetes-the-hard-way development by creating an account on GitHub.

Stuff shared and sometimes created by me.

Introduction Blockchains are all the rage. The oldest and biggest blockchain of them all is Bitcoin , which over its eight-year hist...

Darkside of Software Engineering.

Shellpki is a very tiny&easy PKI in command lines - Evolix/shellpki

For better display results you can also have a look at the Manage a PKI using OpenSSL. In the previous X.509 related post I’ve had a look at the internals of a X.509 certficate. This time I want to setup my own PKI using some open source software. This post is a preparation for setting up a VPN using OpenVPN. Before implementing the PKI let’s have a look what a PKI should definitely include (make sure you have a look at the Wikipedia entry):

Hartley writes about full stack software engineering and AI-driven software development.

Kubernetes RBAC configuration can seem like a daunting task at first. In this article we will try to demystify some of the mechanism behind the authorisation process in Kubernetes and learn how to generate our own credentials to communicate with the Kubernetes API server.

In this article we’ll explore how to use Traefik in Kubernetes combined with Cert-manager as an ACME (Automatic Certificate Management Environment) client to issue certificates through Let’s Encrypt.

Introduction Blockchains are all the rage. The oldest and biggest blockchain of them all is Bitcoin , which over its eight-year hist...

a look at how Secure Boot works

Push The Limits

A blog about the fun parts of programming.

A deep dive into PKCS11, GPG, and Yubikeys

In many systems, various actions can only be performed as some kind of Identity. We must authenticate ourselves by proving who we are. Authentication fundamentally is just an answer to this question: who are you and can you prove it is true?

A weblog about Signals Intelligence, Communications Security and top level telecommunications equipment

Imagine a world where autonomous, intelligent AI is solved. It consists of many agents, some human, some not. Perhaps some that are slaves to the others. Oth...

Fang-Pen Lin's blog about programming

An open technical standard providing publishers, creators, and consumers the ability to trace the origin of different types of media. At East Sweden Innovation Day 2022, when Mathias Cederholm spoke,...

As I said in the last post , I obtained YubiKey USB tokens and started to play with it. One of the programs I made is YubiText , it allows ...

You probably may have read an influential blog post Against DNSSEC and another one that follows it 14 DNS Nerds Don't Control The ...

Securing database traffic inside your network can be a great step for defense in depth. It’s also a necessity for Zero Trust Networks. Both Amazon...

Certificate Transparency