zkdefi · notes

#pki

A publication-grade monograph generated from Certificate Transparency

Pull every currently valid leaf cert with matching SAN substrings out of the public CT logs; verify they're real leaves; assess intended usage via EKU/KeyUsage; scan their DNS names for effective CAA policy; emit a primary readable output as Markdown, LaTeX, and PDF. Made for the case where you want to *publish* the result.

The Terraform-Kubernetes-Ansible-PKI-ACME pipe that started this whole thing

The 2021 prototype that turned out to be the first draft of everything I've been doing with self-hosted infrastructure ever since — Terraform for the cloud, Kubernetes for the runtime, Ansible for the configuration, PKI for the trust, ACME for the cert lifecycle. Five letters, one pipe.