https://www.strathweb.com/categories/duende/ Recent content in Duende on Strathweb. A free flowing tech monologue. Hugo -- gohugo.io en-us Fri, 23 Aug 2024 07:06:14 +0000 https://www.strathweb.com/2024/08/strathweb-dilithium-for-duende-identity-server-now-supports-automatic-key-management/ Fri, 23 Aug 2024 07:06:14 +0000 https://www.strathweb.com/2024/08/strathweb-dilithium-for-duende-identity-server-now-supports-automatic-key-management/ <p>Earlier this week, I released version 0.2.0 of my post-quantum cryptography helper library .NET, <a href="https://github.com/filipw/Strathweb.Dilithium">Strathweb.Dilithium</a>, which introduces a new feature - automatic key management support in Duende Identity Server. This feature plugs into the automatic key management capabilities of Duende Identity Server, and allows you to automatically generate and manage Dilithium keys for token signing purposes, without having to manually handle the key generation and rotation.</p> https://www.strathweb.com/2023/08/announcing-strathweb-dilithium-a-set-of-net-helper-libraries-for-post-quantum-cryptography/ Tue, 22 Aug 2023 18:00:14 +0000 https://www.strathweb.com/2023/08/announcing-strathweb-dilithium-a-set-of-net-helper-libraries-for-post-quantum-cryptography/ <p>Earlier this year I blogged about post-quantum cryptography in .NET using <a href="https://www.strathweb.com/2023/02/post-quantum-cryptography-in-net/">Dilithium and Kyber</a>. This was then followed by <a href="https://www.strathweb.com/2023/03/post-quantum-token-signing-with-dilithium-using-duende-identity-server/">another post</a>, which showed how Dilithium can be wired into a popular .NET Identity Server, <a href="https://duendesoftware.com/products/identityserver">Duende Identity Server</a>, for token signing purposes.</p> <p>Today I would like to announce <a href="https://github.com/filipw/Strathweb.Dilithium">Strathweb.Dilithium</a>, a set of .NET helper libraries to facilitate working with Dilithium in ASP.NET Core projects.</p> https://www.strathweb.com/2023/03/post-quantum-token-signing-with-dilithium-using-duende-identity-server/ Fri, 24 Mar 2023 11:06:14 +0000 https://www.strathweb.com/2023/03/post-quantum-token-signing-with-dilithium-using-duende-identity-server/ <p>On March 12th, a new IETF draft <a href="https://www.ietf.org/id/draft-ietf-cose-dilithium-00.html">JOSE and COSE Encoding for Dilithium</a> was published. It describes JSON serializations for CRYSTALS-Dilithium, a post-quantum cryptography suite. This in turn allows using post-quantum cryptography for tasks like signing JSON Web Tokens in a standardized fashion.</p> <p>I <a href="https://www.strathweb.com/2023/02/post-quantum-cryptography-in-net/">previously blogged</a> about using CRYSTALS-Dilithium from .NET applications, so in this post let&rsquo;s see how we can apply this new draft to one of the most popular .NET OpenID Connect / OAuth 2.0 servers, <a href="https://duendesoftware.com/products/identityserver">Duende Identity Server</a></p> https://www.strathweb.com/2022/09/initiating-user-registration-via-openid-connect-with-duende-identity-server/ Wed, 28 Sep 2022 12:39:30 +0000 https://www.strathweb.com/2022/09/initiating-user-registration-via-openid-connect-with-duende-identity-server/ <p>There is a new proposal for an extension to OpenID Connect Authentication Framework, called <a href="https://openid.net/specs/openid-connect-prompt-create-1_0.html">Initiating User Registration via OpenID Connect</a>. It went into <a href="https://openid.net/2022/09/22/public-review-period-for-proposed-final-initiating-user-registration-via-openid-connect-specification/">public review</a> just last week, which is expected to close later this year.</p> <p>This very useful extension defines how a client application can indicate to the OpenID Provider that a new user account should be created, rather than triggering the typical login procedure.</p> <p>In this post we will look at how to support it with <a href="https://github.com/DuendeSoftware/IdentityServer">Duende Identity Server</a>.</p>