Skip to content

caniszczyk/spiffe

 
 

Repository files navigation

About SPIFFE

The Secure Production Identity Framework For Everyone (SPIFFE) Project defines a framework and set of standards for identifying and securing communications between web-based services. At its heart, SPIFFE is:

  • A standard defining how services identify themselves to each other. These are called SPIFFE IDs and are implemented as Uniform Resource Identifiers (URIs).

  • A standard for encoding SPIFFE IDs in a cryptographically-verifiable document called a SPIFFE Verifiable Identity Document or SVIDs.

  • An API specification for issuing and/or retrieving SVIDs. This is the Workload API.

The SPIFFE Project is also producing a reference implementation that, in addition to the above, will:

  • Perform node and workload attestation.
  • Implement a signing framework for securely issuing and renewing SVIDs.
  • Provide an API for registering nodes and workloads, along with their designated SPIFFE IDs.

SPIFFE Standards

Getting Started

  • spiffe: This repository includes the SPIFFE ID, SVID and Workload API specifications, example code, and tests, as well as project governance, policies, and processes.
  • spire: This is a reference implementation of SPIFFE and the SPIFFE Workload API that can be run on and accross varying hosting environments.
  • spiffe-examples: Examples and demonstrations.
  • go-spiffe: Golang client libraries.

Communications

Contribute

SIGs & Working Groups

Most community activity is organized into Special Interest Groups (SIGs), time-bounded working groups, and our monthly community-wide meetings. SIGs follow these guidelines, although each may operate differently depending on their needs and workflows. Each group's material can be found in the /sigs directory of this repository.

Name Leads Group Slack Channel Meetings
Components Oliver Liu (Google, Inc.) Here Here Notes
Integration: AWS Jon Debonis (Blend, Inc.) Here Here Notes
Integration: gRPC Lizan Zhou (Google, Inc.) Here Here Notes
Integration: Kubernetes Vipin Jain (Pensando, Inc.) & Tao Li (Google, Inc.) Here Here Notes
Specification Evan Gilman (Scytale, Inc.) Here Here Notes

Follow the SPIFFE Project You can find us on Github and Twitter.

About

The SPIFFE Project

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 38.9%
  • Modelica 25.7%
  • Python 20.7%
  • Makefile 7.7%
  • Go 4.7%
  • Ruby 2.3%