RMRenukashree Muraliinquietbytes.hashnode.dev·5h ago · 3 min readBuilding and Breaking My Own JWT Auth System — Part 1: Setting the FoundationPart 1 of a series where I build a Flask API with JWT authentication, then deliberately exploit six real vulnerabilities in it — documenting why each one exists at the JWT specification level, not jus00
RMRenukashree Muraliinquietbytes.hashnode.dev·1d ago · 6 min readBuilding a PKI From Scratch, Part 4: Revocation and the CRLWhat this does The final part of building a Public Key Infrastructure by hand with Python and OpenSSL. Parts 1–3 built a working three-tier trust chain and issued a real server certificate. This part 00
RMRenukashree Muraliinquietbytes.hashnode.dev·1d ago · 6 min readBuilding a PKI From Scratch, Part 3: Issuing a Certificate and Proving the Chain WorksWhat this does Part 3 of building a Public Key Infrastructure by hand with Python and OpenSSL. Parts 1 and 2 built the Root and Intermediate CAs — pure trust-establishment, nothing signed anything rea00
RMRenukashree Muraliinquietbytes.hashnode.dev·1d ago · 6 min readBuilding a PKI from Scratch, Part 2: The Intermediate CAWhat this does Part 2 of building a Public Key Infrastructure by hand with Python and OpenSSL. Part 1 covered the Root CA — a self-signed trust anchor. This part covers the Intermediate CA: a second c00
RMRenukashree Muraliinquietbytes.hashnode.dev·3d ago · 6 min readBuilding a PKI From Scratch, Part 1: The Root CAWhat this does I'm building a complete Public Key Infrastructure by hand — a Root Certificate Authority, an Intermediate CA, end-entity certificate issuance, revocation, and CRL generation — using Pyt00