Peer-PKI-Root - Researching the future of webpki
Project highlights
The Peer-PKI-Root project is a decentralized, peer-to-peer Public Key Infrastructure (PKI) root designed to address the need for a community-driven root of trust. It targets developers and organizations interested in enhancing their security posture by establishing a trust model independent of traditional centralized Certificate Authorities (CAs). The project enables the creation, management, and validation of PKI structures without relying on third-party CAs, addressing the issues of centralization and vendor lock-in in the realm of digital certificates.
Features
- Peer-to-peer decentralized PKI management.
- Self-sovereign identity management.
- Certificate issuance and revocation functionality.
- Support for standard X.509 certificates.
- Implementation of secure trust delegation between peers.
- Transparency, integrity, and decentralization in certificate management.
How to install
To install and run the Peer-PKI-Root tool:
- Clone the repository:
git clone
- Install necessary dependencies:
cargo build
- Set up any required environment variables and configure local settings as needed.
Usage Example
To issue a new certificate using the CLI:
new-assertion --tls-pem p256.pub --ens zombo.erh --dns Zombi --ip4 198.51.100.60
To revoke an existing certificate:
TBD
Documentation
For detailed documentation, including configuration options and advanced usage, please refer to the [official GitHub repos
Dependencies
- IC
- ENS
- TEE
- OpenSSL
- Additional Python libraries specified in requirements.txt
Ensure you are using the correct versions of dependencies to avoid compatibility issues.
License
The project is licensed under the MIT License, allowing for permissive use, modification, and distribution. For more details, please refer to the LICENSE file in the repository.
Resources
Future Plans
Future development plans include:
- Enhancing support for additional certificate formats.
- Implementing multi-platform compatibility.
- Integration with popular cryptographic libraries.
- Attending security conferences to present the project and engage with the community.