CFSSL

In July 2014, CloudFlare released CFSSL, an open source toolkit for TLS and PKI written in Go. CFSSL can be used as a lightweight certificate authority (CA), a certificate chain bundler–and now–a TLS configuration scanner. One year later, CloudFlare announced CFSSL 1.1 and cfssl.org, the home on the web for the CFSSL development team. This was followed by CFSSL 1.2 in March 2016.

The presentation slides cover the challenges of the project and how it evolved from an internal tool for CloudFlare’s Railgun product into a software library used by several high-profile organizations including the “Let’s Encrypt” project.

Blog posts:
Introducing CFSSL – CloudFlare’s PKI toolkit
https://blog.cloudflare.com/introducing-cfssl/

How to build your own public key infrastructure
https://blog.cloudflare.com/how-to-build-your-own-public-key-infrastructure/

Introducing CFSSL 1.2
https://blog.cloudflare.com/introducing-cfssl-1-2/

For
Crypto & Privacy Village at DEF CON 23
Date
July 2014 – Present
URL
www.youtube.com/watch?v=U7WGLJSesw0
Introducing CFSSL
blog.cloudflare.com/introducing-cfssl/