Worlds Largest PKI Implementation

PKI Achievements

We are clearly one of the largest CA’s in the world, however the largest depends highly on one how you measure. In any case we represent, again depending on how you measure, between 1/4th and 1/3rd of the worlds total SSL certs. And I am told by a number of people who have worked on our system and others, as well as by our auditors, that we are one of the finest CA’s in the world.

While I have little to do with the application development, and the current architecture was mostly inherited, I do manage the databases for this. At one time we also boasted the worlds most efficient OSCP responded written by my former boss Chris G.  I can not say enough good things about him, and the entire team I work with. They are all amazing people! The environment went stagnant for a bit but I am proud of where we are going with PKI; as these handful of instances our now my secure baby  🙂

Worlds Largest Authoritative DNS

DNS Achievements:

I am responsible for the MySQL back-end for the worlds largest authoritative DNS with over 37 million zones.
When I inherited this system (Over 10 million zones ago) it was fraught with problems. However with diligence and an eye for detail, and lots of help from the application team, I was able to remove the land minds, document the complicated infrastructure, and implement a streamlined design that lends it’s self to automation. I started with 4, significantly expensive, anycast pods and a hodgepodge of master. Since then we have increased our zones by over a third and while added we added a new pod I also worked hard to stabilized the masters and pods with little additional hardware.
We are on the verge of completing a new phase where the masters will be bi-coastal and dozens of new pods will drop our premium DNS to response time. Continue “Worlds Largest Authoritative DNS”