I'm a software engineer who works on security, usability, networking, and cryptography. I'm the bootstrapped founder of SSLMate, which makes it easy to obtain and monitor SSL certificates, and DNS Helper, which helps your customers add DNS records so you don't have to.
Some of the things I've done:
- Created the world's first command line tool to get publicly-trusted SSL certificates, and the first self-service API for automated certificate issuance.
- Wrote Cert Spotter, one of the first Certificate Transparency monitors, and ct-honeybee, a tool for Certificate Transparency gossip.
- Found a Duplicate Signature Key Selection Attack in ACME that was missed by a formal cryptographic audit.
- Demonstrated how OCSP could be used to forge certificates using hash collision attacks.
- Uncovered evidence that led to the distrust of multiple certificate authorities.
I use he/him pronouns.
I am not for hire.
Follow Me
- Bluesky: @agwa.name
- Fediverse/Mastodon: @agwa@agwa.name
- GitHub: AGWA
- Blog Posts RSS
- Blog Posts by Email
Contact Me
- agwa@andrewayer.name
- EF5D 84C1 838F 2EB6 D896 8C04 1037 8EFC 2080 080C (PGPv4, 4096-bit RSA)
Recent Blog Posts
June 2023
The Story Behind Last Week's Let's Encrypt Downtime
The Difference Between Root Certificate Authorities, Intermediates, and Resellers
January 2023
The SSL Certificate Issuer Field is a Lie
whoarethey: Determine Who Can Log In to an SSH Server
December 2022
No, Google Did Not Hike the Price of a .dev Domain from $12 to $850