 Good. Thank you. Nice to see everybody here. My name is Sunil. I am with HPE but my story with Spiffy starts well before HPE and it's been a minute since I've been really involved in these types of activities. I used to early on be the MC of these kinds of events and trying to figure out how you get people to show up to a little project when nobody understands what we're talking about and why they should care. It's amazing to see the growth in the community. It's amazing to see all the contributions. It's amazing to see people's continued investment in this project. So thank you for that. Today I'm going to take you very quickly through a story at least in terms of the genesis of this project. This will be old news for some of the folks in this room already that have been there with me but for many of you it'll be probably brand new. So hopefully this will give you a sense of where we've come from and where we're going and the things that I think are important to what this community is all about. Okay. So I'm going to take you through that story very, very quickly. My story in particular and it does start at least with me because I'm the one up here telling the story was back in 2016. At 16 I was at a firm called Bessemer. It was an investment firm. We did a lot of venture capital investments and before that I was at Google. I worked as a product manager in the networking group for Google Cloud and I spent a lot of time working on some of the networking services that Google Cloud eventually launched and developed. While at Google I had an opportunity to meet this guy and he didn't look as crazy as he does in this picture but he was crazy in so many good ways right and in the good ways that I think we all benefit from, our industries benefit from as well. Him, Craig, forgetting he's going to kill me now. Well the founders of Kubernetes among others spent a lot of time thinking about how do you bring to life concepts around distributed systems architecture for everybody that doesn't have a name that sounds like Google right and one of those was Spiffy. Okay so back in 2016 for those of you that didn't know Joe Beta was one of the folks that wrote the first he drafted the first document this Google document that was circulated amongst a small group of people in 2016. Okay and I was one of those folks that got this document and I was reading through it and having been a Googler I saw some of the power of the technology that was underpinning this and what was based on this and and this became the beginnings of what I think is an amazing project that provides a pretty foundational and required capability to continue to build the architectures that you see being discussed at conferences like this. This technology was built on top of something inside of Google called Low S, low overhead authentication system. It's now called ALTS, application layer transport secure that's the public name for it but back in the day it was known as Low S and it was one of the most missed pieces of infrastructure for any developer asking any Google developer and that has left Google and they will describe Low S as one of the most interesting valuable capabilities that's out there. You've seen at different production identity days and different meetups Umair and you know Evan and others have used terms like dial tone that term originated inside of Google when they described the capability like this as dial tone right you don't have to think about how I'm going to wire up my applications to talk to each other they basically have a registry they have you know kind of uh tested identities and then when we need to communicate we have to communicate over you know authenticated encrypted gRPC channels as well. This became the one of the meaningful pieces of how uh Spiffy came to be because we learned a lot about what was the benefit of having a separate identity attestation authentication system that wasn't as tightly coupled to the actual applications and services that you were running here okay. Now back in the time when Google was running this system they had tried all kinds of things they tried network based capabilities to provide similar types of IP based control points but for all the reasons that you probably know if you're sitting here in this room you probably understand why those were not necessarily scaling at the scale of a company like Google. They also went off and tried to do all types of static token and key injection into various systems and servers all their machines that were out there but those two had all kinds of constraints in the sense that they were tied to the machines they weren't necessarily tied to the ephemeral workloads per se so there was a gap that existed in terms of the ability to be able to scalably provision and deprovision these identities throughout Google's infrastructure. So what does any smart engineer do? They typically go back in time they look at their forefathers and mothers and try to get a sense of what was built before that I could be inspired by and the Googlers did the same thing. They went back to the 80s and they saw that back in the 80s Bell Laboratories was working on a number of efforts that were pretty interesting and potentially could be useful for addressing these types of problems that they were facing at Google and one of those things was inside of plan nine which was one of their distributed operating systems that they built back in the 80s and as part of that they had built a security subsystem in there called factotum. In fact totum began to exhibit many of the characteristics of being able to have a decentralized way of being able to continuously provide some level of verification for every file that was communicating with every other file in the Unix based distributed operating system and so it's no surprise that you know as Google thought about its challenges and where it was going to go as it continued to scale that the authors of this paper Russ Cox, Eric Gross, Rob Pykes, Dave Prasado, Sean Quinlan they all found their way over to Google. So this is by no mistake right these ideas come from looking at what we've done beforehand and I think in some ways what you're seeing with low ass and ALTS is or was one of the first production implementations of some of these crazy ideas by these crazy computer scientists who we all have lots to give thanks for. So that became the backstory for how and why we decided to actually or why Joe decided to bring this idea out into the world and then bring a group of people around him including myself. In 2016 we went forward and we continued to build a small community okay and it was myself Joe and a number of folks in this room in the early days in 2016 that you'll see this includes folks from Google on the Istio team Cisco or before it was Istio, Cisco, Netflix, Twilio, Salesforce, Twitter and JPMorgan Chase. This was Spiffy Meetup number one at Twilio or at Netflix as HQ down in Los Gatos, California. Small group seven people eight people very different than what we have here today and I'm very grateful for that because it meant that we were doing something right we were thinking about this the right way. This became the beginnings of our little community right and it went so far to eventually have me decide to go form a company called Sightail which many of you know many of you were part of Sightail as well and this became the company that was really materially driving a lot of the engagement from 2017 and on. In fact when we started Sightail in Q1 of 2017 we were still talking about Spiffy Inspire we had barely gotten a sense of what it was no code had been written at this point I don't think. Evan Gilman hadn't joined we only have a team together but we had a design document of what we might want to do and so we were really thrust into the spotlight when the Istio team decided to include a little reference to Spiffy Inspire in the 0.1 announcement of the original launch of the Istio service mesh offering so down underneath the fold you'll see them making a call out to the Spiffy capabilities because it was fundamental to how they wanted to be able to think about how what was the mechanism to provision identity to the workloads that were going to be managed by the Istio mesh as a whole this was huge for our community right huge for a group of seven eight people sitting in a room together and all of a sudden Google gets up on the stage and talks about this project that's barely off the ground and running and that was really I think what kicked things off for us as we continued forward in time we eventually got to the point where we got a group of folks together and we made our submission in November of 2017 to the CNCF it was a long process it was a very different process than I understand it is today which is a sign of the growth and prosperity of the CNCF and the open source community as a whole but this became kind of the watershed moment for our project or one of the watershed moments for our project because it allowed for us to actually go forward from being an idea to it being something that had the backing of an organization that had the kind of principles that we also espouse in our community as well this was amazing for us we continued to you know enjoy that we we spent quite a bit of time you know at the following KubeCon which was in December of 2017 in Austin where it snowed in Austin actually for those of you that were there it was kind of ludicrous to see snow in Austin Texas it was a great great conference for us it was a great party for us because it was an opportunity for everybody to understand a little bit more about who and what we were and that eventually a few months later led to the CNCF hosting our Spiffy project now this is our story this is our origin story for our project right but our story is built on the stories of others those of you that are here in this community now this is now your story and you're going to continue to carry that forward and my my goal here in this presentation was to give you a sense of where we've come from and so you know where we're trying to get to we have a community that is open that is friendly that is curious that doesn't take no for an answer which I love and I think that is what drives us forward and is what is allowed for this community to continue to thrive and grow in the way that it has over the last four years and as you continue to be engaged in this community we expect I expect you to be the same I expect you to say I don't know how to do things I expect you to say I need help with things because that's what this community is designed to do it is not one where everybody just knows what's happening if it was this would have been said and done a long time ago engage participate offer be vulnerable in this community because it's a community that will will honor that and will respect that very very much so so with that I'll say thank you for your time thank you for commitment if you want to connect with me that's my qr code for those of you at home as well you can just scan that and I'll see you on linkedin all right thank you