Evan Gilman
SPIRE deployments commonly include one or more administrative components that are responsible for managing registration entries. These components themselves, however, also require a registration entry to function (since they need...
There are many cases in which crypto agility is desirable, including PQC and certain kinds of regulated usages. Supporting it would be very powerful, but also complicated. In this issue, we'll...
Many error conditions are possible inside peertracker, and some of them may occur in situations where an attacker is attempting to abuse the workload attestation logic. The error messages we...
Fetching ticket details is nice, but sometimes the name and/or number is hard to find! A search feature would be killer
Reviewing ticket details is nice, but what would really be bomb is if we could create a ticket as well
SPIRE maintainers receive security disclosures; however, the responsibility placed on them in the handling of these disclosures is not documented in MAINTAINERS.md. Document maintainer responsibility as it relates to security...
# Introduction Forced rotation and revocation has been a roadmap item for a while, and the time has come to scope it and put forth a proposal. The goal of...
The kubernetes workload attestor emits a selector named `k8s:node-name`, whose value is the name of the node that the agent is running on. The primary use case of this selector...
Agents call into the server periodically to retrieve updates and perform signing/rotation operations. We track all agents in the datastore, and some basic information about them. It would be useful...
The codebase is very small, but there are still some opportunities to cover some of the functions by unit test. Cover the functions that make sense, making minor modifications to...