10 Years of SPIFFE

A little over 10 years ago I wrote the design doc for SPIFFE, a standard for giving workloads cryptographic identities so services can authenticate to each other without passwords. I launched it at a talk at GlueCon that year. This was a unique thing as it was an "open source" project that was just a document. There was no code initially.

I almost started a company around it but did Heptio instead. I handed it off to Sunil James who started a company and got it into the CNCF. Sunil and the folks at his company, Scytale, also wrote the companion reference implementation called SPIRE.

This just goes to show I suck at timing. 😂 It is having a moment now. It only took 10 years for the need for workload identity to be obvious with the advent of agents.

To mark this I want to get some of the original artifacts out there for anyone that is interested.

• Original design doc: https://docs.google.com/document/d/1GjurNK2ROw4rXz-k-l68JtpGRkGj2fZcWqP6gksEriQ/edit
• Original presentation at GlueCon: http://slides.eightypercent.net/spiffe-intro/index.html#p1

Easter egg: the colors in the original logo and design doc were based on my last name. Fun you can have when your name can be represented as hex. #00BEDA and #BEDA00. Those colors (or very similar) are still used in the logo!

{{< figure-pair src1="/images/spiffe/spiffe-logo-original.png" cap1="The original SPIFFE logo, circa 2016" src2="/images/spiffe/spiffe-logo-current.png" cap2="The current SPIFFE logo" >}}

Huge thank you to everyone who took the baton. Picking up someone else's half-formed idea and shipping it is harder than having the idea. You all did that.

This was originally posted on LinkedIn but I want the long-term home to be on this blog.