“Workload Identity”: It’s SPIFFY, but Central Policy Management?
SPIFFY Mutual TLS (mTLS) is a way to secure workload identity and communication in a distributed system using the SPIFFE and SPIRE standards (see also: https://spiffe.io/). SPIFFE stands for Secure Production Identity Framework for Everyone, and SPIRE stands for SPIFFE Runtime Environment. SPIFFE defines a platform-agnostic identity format and API for workloads, and SPIRE provides […]
4 Learnings: DPGA Meeting 2023
I attended the DPGA annual meeting in Addis Ababa, Ethiopia. It was my first time meeting in person many of the people in that community and learning about the laudable goals of the DPG Alliance initiatives. The meeting was opened by Yodahe Zemichael, who leads the National ID Program Office in Ethiopia, and shared […]
Detachable IDP: Keycloak for wandering workgroups
What’s great about Keycloak is that it’s an “all in one container” that has SAML, OpenID and even some old school web access management features, like Realms and RBAC policies.