Will Faught

August 2023

Server-To-Server Authentication Schemes

A tour of motivations, techniques, strengths, and weaknesses.

Latacora: Modern applications tend to be composed from relationships between smaller applications. Secure modern applications thus need a way to express and enforce security policies that span multiple services. This is the “server-to-server” (S2S) authentication and authorization problem (for simplicity, I’ll mash both concepts into the term “auth” for most of this post). Designers today have a lot of options for S2S auth, but there isn’t much clarity about what the options are or why you’d select any of them.

authentication encryption macaroons mtls servers technology

Will Faught

3 minutes

April 2016

WhatsApp Adds End-To-End Encryption

WhatsApp: WhatsApp has always prioritized making your data and communication as secure as possible. And today, we’re proud to announce that we’ve completed a technological development that makes WhatsApp a leader in protecting your private communication: full end-to-end encryption. From now on when you and your contacts use the latest version of the app, every call you make, and every message, photo, video, file, and voice message you send, is end-to-end encrypted by default, including group chats.

encryption whatsapp

Will Faught

1 minute