How to build your own CA and PKI, my new long-form blog post for @CloudFlare.https://blog.cloudflare.com/how-to-build-your-own-public-key-infrastructure/ …
@grittygrease Instead of generating and distributing the cert private keys, (single-use? TOFU?) HMAC keys are generated and distributed?
-
-
@BRIAN_____ Long-lived per-CA HMAC keys are installed in the clients at provisioning time and the CA uses an IP whitelist. -
@grittygrease Interesting. A description of that would also be very interesting reading.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.