EFF staffer working on @letsencrypt and other open source projects.
minica. minica is a small, simple CA intended for use in situations where the CA operator also operates each host where a certificate will be used.
3.3kblocktogether. Share your blocks and subscribe to others'
322unboundtest. Web service to test DNS resolution against Unbound with config similar to Let's Encrypt
53github-sync. A tool to mirror all your GitHub repos. Run it in cron.
31listenbuddy. A simple tool to forward ports locally or remotely, no root or SSH required
23android-wget. Port of wget to Android
18ocsp-stapling-examples. Minimal running web server examples with OCSP stapling
8gpg-download-verifier. Verify various styles of GPG download signatures using TOFU.
7verify-js. Proof of concept: Updateable JS apps using code signing and bookmarklets
6learnrust. Rust
5boulder. An ACME-based CA, written in Go.
2caa-simplification. A draft for a successor to RFC 6844
2mkstats. Go
2https-everywhere-checker. Rule checker for HTTPS Everywhere
2jsonp-sandbox. A jQuery plugin to sandbox all JSONP requests in an off-domain iframe.
2rust-private-loggers. A demo of making a Rust staticlib with exclusive control of its own logs
1rust. Empowering everyone to build reliable and efficient software.
1acme-client. A Ruby client for the letsencrypt's ACME protocol.
1yubikey-agent. yubikey-agent is a seamless ssh-agent for YubiKeys.
1kube-lego. Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
1trillian. Trillian implements a Merkle tree whose contents are served from a data storage layer, to allow scalability to extremely large trees.
1kubetail. command line tool to tail logs from many kubernetes pods
1certificate-transparency-go. Auditing for TLS certificates, Go code.
1awful.zone. An authoritative DNS server that serves horrible responses in order to test recursive behavior
1certlint-1. X.509 certificate linter, written in Go
1pshtt. Scan domains and return data based on HTTPS best practices
1pdns. PowerDNS
1hello-dns. Hello and welcome to DNS!
1cert-manager. Automatically provision and manage TLS certificates in Kubernetes
1caddy. Fast, cross-platform HTTP/2 web server with automatic HTTPS
1openssh-portable. Portable OpenSSH
1certificatetransparency. Certificate Transparency stuff
1starttls-everywhere. A system for ensuring & authenticating STARTTLS encryption between mail servers
1cfssl. CFSSL: CloudFlare's PKI toolkit
1https. The HTTPS-Only Standard for federal domains (M-15-13), and helpful implementation guidance.
1certificate-transparency. Auditing for TLS certificates.
1acme-spec. ACME Specification
1cp-cps. ISRG / Let's Encrypt CP and CPS Documents
1yubioath-desktop. Crossplatform graphical user interface to generate one-time passwords.
1.well-known. well-known test
1