Great talk and very cool functionality! I've been looking at enterprise PKI products for a customer that do this, notably Smallstep and Okta, both starting to leverage Device Attestation features for binding certificates to hardware for this very purpose. We began looking for internal enterprise PKI certificates for remote authentication (vpn) and networking (wired/wireless lan, 802.1x), but really want to leverage this for server access (ssh, tls applications) consistently using the same x.509 certificates in orchestration with the IDP since Okta now supports DA features. I'm glad to see more on this topic from folks looking for and/or creating solutions too.
Great talk and very cool functionality!
I've been looking at enterprise PKI products for a customer that do this, notably Smallstep and Okta, both starting to leverage Device Attestation features for binding certificates to hardware for this very purpose. We began looking for internal enterprise PKI certificates for remote authentication (vpn) and networking (wired/wireless lan, 802.1x), but really want to leverage this for server access (ssh, tls applications) consistently using the same x.509 certificates in orchestration with the IDP since Okta now supports DA features.
I'm glad to see more on this topic from folks looking for and/or creating solutions too.