The SPIFFE project is being actively developed by a select community of developers who are currently facing the challenges SPIFFE attempts to tackle. This page provides an index to various documents that have been proposed by these developers.

  • (2017/05) The SPIFFE Verifiable Identity Document (SVID) is a specification detailing a combination of naming format, X.509 certificate format, and trusted root bundle sets. This allows two (2) bundles with a common trust root to securely identify each other. (Under active development)

  • (2017/05) The SPIFFE Workload API specification outlines the APIs that must be made available to a workload to be considered “SPIFFE-compatible.” The workload API includes the ability to provision SPIFFE SVIDs. (Under active development, design-partner access only)

  • (2017/03) The SPIFFE Reference Implementation (SRI) details an open-source software stack that allows for provisioning and managing SPIFFE identities across varying platforms. The SRI implements the SPIFFE Workload API. (Under active development, design-partner access only)

  • (2016/03) The SPIFFE whitepaper is SPIFFE’s original proposal, as first presented at GlueCon 2016. (Not under active development)