This is your work, valued

Jacob Hoffman-Andrews

Elite
@jsha

EFF staffer working on @letsencrypt and other open source projects.

minica. minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.

3.3k

blocktogether. Share your blocks and subscribe to others'

322

unboundtest. Web service to test DNS resolution against Unbound with config similar to Let's Encrypt

53

github-sync. A tool to mirror all your GitHub repos. Run it in cron.

31

listenbuddy. A simple tool to forward ports locally or remotely, no root or SSH required

23

android-wget. Port of wget to Android

18

ocsp-stapling-examples. Minimal running web server examples with OCSP stapling

8

gpg-download-verifier. Verify various styles of GPG download signatures using TOFU.

7

verify-js. Proof of concept: Updateable JS apps using code signing and bookmarklets

6

learnrust. Rust

5

boulder. An ACME-based CA, written in Go.

2

caa-simplification. A draft for a successor to RFC 6844

2

mkstats. Go

2

https-everywhere-checker. Rule checker for HTTPS Everywhere

2

jsonp-sandbox. A jQuery plugin to sandbox all JSONP requests in an off-domain iframe.

2

rust-private-loggers. A demo of making a Rust staticlib with exclusive control of its own logs

1

rust. Empowering everyone to build reliable and efficient software.

1

acme-client. A Ruby client for the letsencrypt's ACME protocol.

1

yubikey-agent. yubikey-agent is a seamless ssh-agent for YubiKeys.

1

kube-lego. Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt

1

trillian. Trillian implements a Merkle tree whose contents are served from a data storage layer, to allow scalability to extremely large trees.

1

kubetail. command line tool to tail logs from many kubernetes pods

1

certificate-transparency-go. Auditing for TLS certificates, Go code.

1

awful.zone. An authoritative DNS server that serves horrible responses in order to test recursive behavior

1

certlint-1. X.509 certificate linter, written in Go

1

pshtt. Scan domains and return data based on HTTPS best practices

1

pdns. PowerDNS

1

hello-dns. Hello and welcome to DNS!

1

cert-manager. Automatically provision and manage TLS certificates in Kubernetes

1

caddy. Fast, cross-platform HTTP/2 web server with automatic HTTPS

1

openssh-portable. Portable OpenSSH

1

certificatetransparency. Certificate Transparency stuff

1

starttls-everywhere. A system for ensuring & authenticating STARTTLS encryption between mail servers

1

cfssl. CFSSL: CloudFlare's PKI toolkit

1

https. The HTTPS-Only Standard for federal domains (M-15-13), and helpful implementation guidance.

1

certificate-transparency. Auditing for TLS certificates.

1

acme-spec. ACME Specification

1

cp-cps. ISRG / Let's Encrypt CP and CPS Documents

1

yubioath-desktop. Crossplatform graphical user interface to generate one-time passwords.

1

.well-known. well-known test

1