prk0ghy

> I agree, it's a mess. The whole PKI realm concept was created to provide a standardized way to access the X.509 certificates by services - one concept being a...

Would it be useful to compile a list of features the new pki should have? I think it would be easier to implement if we know exactly what it should...

@ypid I went through the list and came up with these candidates. Although I think step-certificates and step-cli is the way to go. https://github.com/NLnetLabs/krill https://github.com/letsencrypt/boulder https://github.com/dogtagpki/pki/wiki/Certificate-Authority https://github.com/cloudflare/cfrpki https://github.com/fm4dd/webcert https://github.com/cloudflare/cfssl https://github.com/smallstep/certificates