Key Transparency
consul
Key Transparency | consul | |
---|---|---|
4 | 57 | |
1,557 | 27,841 | |
- | 0.5% | |
1.0 | 9.9 | |
almost 3 years ago | 4 days ago | |
Go | Go | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Key Transparency
-
DTLS-SRTP spoofing
However, a MITM controlling the signaling server could manipulate any attempt to communicate the fingerprint between the endpoints. Hence why certificate verification should be out-of-band (with regards to the signaling server). The most common solution I've seen is that the call participants can just read the fingerprints to each other and ensure they match. But there are other solutions including using a trusted third party, or even key transparency... because blockchain.
-
Key transparency: A transparent and secure way to look up public keys
Archived. Not sure when. :( I'm not sure what if anything is a decent replacement/substitute.
In the README examples I see text about what I think is Certificate Transparency. That was definitely the first thing this made me think of. There's also a lot of talk in the project about CONIKS[1], & associate research papers are about 'bringing key transparency to end users'.
The scenarios[2] are interesting, but I'm not sure fully how this project helps. They explicitly call out Upspin for encrypted storage, which was linked recently[3].
It appears to make heavy use of the Trillian cryptographically verifiable data store[4].
[1] https://www.schneier.com/blog/archives/2016/04/coniks.html
[2] https://github.com/google/keytransparency/blob/master/docs/s...
[3] https://news.ycombinator.com/item?id=31520559
[4] https://github.com/google/trillian
-
Why Doesn't Email Use Certificates?
Key Transparency is an example of such a system, built on a highly scalable backend system (Trillian, which powers Certificate Transparency), but it's been under development for several years without a production deployment.
consul
-
Deploy Secure Spring Boot Microservices on Amazon EKS Using Terraform and Kubernetes
The JHipster scaffolded sample application has a gateway application and two microservices. It uses Consul for service discovery and centralized configuration.
-
The Complete Microservices Guide
Service Discovery: Microservices need to discover and communicate with each other dynamically. Service discovery tools like etcd, Consul, or Kubernetes built-in service discovery mechanisms help locate and connect to microservices running on different nodes within the infrastructure.
-
Replicating and Load Balancing Go Applications in Docker Containers with Consul and Fabio
After some research and testing, I landed on using Consul and Fabio as the demo infrastructure. Of course, there is a myriad of other options to accomplish this task, but because of the low configuration and ease of use, I was impressed with this pairing. Both projects are mature and well-supported, and very flexible--just because you can run them with low configuration, doesn't mean you have to. I wanted to keep this demo constrained, but the exercise did get me excited about exploring things further: circuit breakers, traffic splitting, and more complex service meshes.
-
register open-telemetry to consul
The goal is to be able to use Consul SD configurations to allow for retrieving scrape targets from consul. Is this possible? Can anyone provide an example? Thank you!!
-
Fly.io outage, recently deployed apps down, no new deployments possible
https://github.com/hashicorp/consul/pull/12080 - this should be the Consul issue that brought down Roblox
-
Netdata release 1.38.0
The Consul collector is production ready! Consul by HashiCorp is a powerful and complex identity-based networking solution, which is not trivial to monitor. We were lucky to have the assistance of HashiCorp itself in this endeavor, which resulted in a monitoring solution of exceptional quality. Look for common blog posts and announcements in the coming weeks!
-
Micro Frontends for Java Microservices
Changed the service discovery to Consul, since this is the default in JHipster 8.
- Website monitoren
-
I Know What You Shipped Last Summer
In another effort to standardize development and operations, Lob has just wrapped up our container orchestration migration from Convox to HashiCorp’s Nomad, led by Senior Platform Engineer Elijah Voigt. In this new ecosystem, one feature available to us is Consul Service Mesh (a feature of Consul, which is part of our Lob Nomad stack).
-
a tool for quickly creating web and microservice code
Service registry and discovery etcd, consul, nacos
What are some alternatives?
Vault - A tool for secrets management, encryption as a service, and privileged access management
etcd - Distributed reliable key-value store for the most critical data of a distributed system
SFTPGo - Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob
Eureka - AWS Service registry for resilient mid-tier load balancing and failover.
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
traefik - The Cloud Native Application Proxy
minio - The Object Store for AI Data Infrastructure
Apache ZooKeeper - Apache ZooKeeper
kubernetes - Production-Grade Container Scheduling and Management