Christian Posta
@christianposta
Field CTO @soloio_inc | AI Reliability Engineering | Cloud Networking | Author | International Speaker
It's official! Today @rinormaloku and I announce the release of our (long-awaited!) book, #Istio in Action with @ManningBooks and forward written by @eric_brewer! With 450+ pages built over 3.5 years... we are both very proud of this work to help the @IstioMesh community.
FWIW, I think @christianposta is on to something with CIBA. We probably need a JIT access system for customer facing app being build with llm/agentic capabilities leveraged on the backend. All that said, we should probably call out that this is not the way to improve SDLC with…
Wrote a quick example to show calling (#A2A) AI Agent with downscoped User OAuth access token. Helps to make user delegation concepts more concrete. See blog and associated code! blog.christianposta.com/setting-up-a2a…
Join us on Aug13 for a conversation on MCP security with @christianposta (@soloio_inc), Gary Archer (@curityio), @kevinswiber (Layered System) and our own @DoerrfeldBill. The panel will explore real threats in MCP-powered ecosystems. Register: nordicapis.com/events/mcp-sec…
Join us for this week’s #vClusterFriday as we take a closer look at @kgatewaydev, a CNCF sandbox project for Kubernetes-native API gateways. @SaiyamPathak & @fabiankramm are joined by @linsun_unc and @christianposta to walk through how it works. 🎥 youtube.com/watch?v=J4YSbn…
🚨 The latest MCP Authorization spec uses newer OAuth 2.x RFCs. I did some research on what popular identity providers actually support. Here's what I found: MCP Authorization Required (MUST) 👉 OAuth 2.1 / PKCE support 👉 RFC 8414 - OAuth 2.0 Authorization Server Metadata 👉…
🔐 In the latest update to the MCP Authorization spec (June 25), MCP clients are encouraged (SHOULD) to use OAuth 2.0 Dynamic Client Registration , enabling clients to automatically register with an IdP like Keycloak, Auth0, or Okta. When combined with: ✅ Resource Indicators…
After 3 years, I am thrilled to be able to announce that the Argo CD book that @christianh814 and I have written is now available! Learn how to leverage the full set of features included within Argo CD which implement GitOps principles based on years of industry experience with…
🤖 Agents can’t collaborate if they can’t find each other. The hashtag#A2A protocol is becoming the standard for autonomous agent communication but it’s missing a critical layer: Discovery, Naming, and Resolution. In fast-moving environments, hardcoding endpoints and static…
We do need to evolve #OAuth for agentic workloads, but let’s not overlook how far today’s standards can already take us. OAuth for user authorization delegation is great. OAuth for agent identity, authorization, and delegation can use some work. Let's see what's available today:…
🚀 The final part of my “𝐔𝐧𝐝𝐞𝐫𝐬𝐭𝐚𝐧𝐝𝐢𝐧𝐠 𝐌𝐂𝐏 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧” series is now live! The response to the first two posts was incredible — thanks to everyone who shared, commented, connected, and especially Marjan Sterjev for feedback! Now in 𝐏𝐚𝐫𝐭…
🎉 🎉 I've built a step-by-step guides to build MCP servers secured by the 𝐌𝐂𝐏 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐬𝐩𝐞𝐜 (June). The steps walk you through building an MCP server with the HTTP transport, introducing JWT verification, exposing protected resource metadata, and…
Agent identity is critical for authorization. In his latest blog, @christianposta explores how SPIFFE fits in today’s AI-driven infra like Kubernetes & Istio—and what may need to change. 🧠 Read it here: bit.ly/44CbJfI #AI #SPIFFE #AgenticAI #Kubernetes #Identity
🚨 All AI agents need a unique identity. 🚨 Can SPIFFE help here? No matter how big, small, long-lived/short-lived, one replica, many replicas, etc. Well, in SPIFFE implementations built on Kubernetes, like Istio, there is a fundamental mismatch with agents' non-deterministic,…
🎙️Gloo’d In Ep. 1 is live! Anuj Singh chats with @christianposta about Solo.io’s open source work in AI—covering MCP, Kagent, and Kgateway. 🎧 Tune in:youtu.be/UprfqOi5LdU #AI #OpenSource #Kagent #Kgateway #MCP #CloudNative #Soloio
Two new ways to get involved with the llm-d project! ✅ Help shape our roadmap by taking our 5-min survey on your LLM use cases. ✅ Subscribe to our new YouTube channel for tutorials & SIG meetings! Details in our latest community update: llm-d.ai/blog/llm-d-com…
AI agents demand stricter identity and auth, what key principles from microservices can we keep, and where must we rethink security?