I'm a software engineer who works on security, usability, networking, and cryptography. I'm the bootstrapped founder of SSLMate, which makes it easy to obtain and monitor SSL certificates, and DNS Helper, which helps your customers add DNS records so you don't have to.
Some of the things I've done:
- Created the world's first command line tool to get publicly-trusted SSL certificates, and the first self-service API for automated certificate issuance.
- Wrote Cert Spotter, one of the first Certificate Transparency monitors, and ct-honeybee, a tool for Certificate Transparency gossip.
- Found a Duplicate Signature Key Selection Attack in ACME that was missed by a formal cryptographic audit.
- Demonstrated how OCSP could be used to forge certificates using hash collision attacks.
- Uncovered evidence that led to the distrust of multiple certificate authorities.
I use he/him pronouns.
I am not for hire.
Follow Me
- Fediverse/Mastodon: @agwa@agwa.name
- Bluesky: @agwa.name (less used)
- Twitter: @__agwa (no longer used)
- GitHub: AGWA
- Blog Posts RSS
- Blog Posts by Email
Contact Me
Recent Blog Posts
February 2026
Why IP Address Certificates Are Dangerous and Usually Unnecessary
December 2025
Certificate Authorities Are Once Again Issuing Certificates That Don't Work
November 2025
Google Just Suspended My Company's Google Cloud Account for the Third Time
October 2025
I'm Independently Verifying Go's Reproducible Builds