CFSSL: the evolution of a PKI toolkit

CFSSL: the evolution of a PKI toolkit

n July 2014, CloudFlare released CFSSL, an open source toolkit for TLS and PKI written in Go. CFSSL can be used as a lightweight certificate authority (CA), a certificate chain bundler--and now--a TLS configuration scanner. One year later, CloudFlare is excited to announce CFSSL 1.1 and cfssl.org, the home on the web for the CFSSL development team. This presentation will cover the challenges of the project and how it evolved from an internal tool for CloudFlare's Railgun product into a software library used by several high-profile organizations including the "Let's Encrypt" project.

Presented by