I clicked around a bit and have some questions/feedback:
1. I read the site but still don't fully understand what Zalter does. The HN article headline mentions PKI but the website doesn't seem to talk about that. As someone who's already familiar with PKIX I wanted to know exactly what the system does but the diagrams were more confusing than helpful; is the idea that you provide a login service that issues X.509 certificates to apps so an app server doesn't have to faff around with oauth, email, cookies etc?
2. I tried to join your Discord to ask this question but the invite is invalid.
3. The pricing page seems to have a non-sequitur on it in the "Do I get full access to my database?" question.
4. There's been no blog post for nearly a year. Is the product still evolving?
1. As opposed to the standard PKI where the system generates an X.509 certificate which is then trusted by your system by having the authority registered, our system relies more on live generation of Public + Private keys and securely sending the public bit to the Zalter servers during the authentication process. The service providers would then retrieve the public key as they're presented with signed requests, and verify the said signature to ensure the user is who they claim they are and the request is in fact coming from them. Meanwhile we do aim to have an X.509 solution as well, the current design is indeed allowing the app server to not have to rely on cookies / oauth and other similar things.
3. Thanks for pointing that out. The correct text should have been something along the lines of: We only hold the public keys and the identity ids in our own database. All the other associations are to be held on the service provider servers.
Accessing the database of users can be made through your dashboard in your zalter user: https://dashboard.zalter.com/
4. It is being actively developed although we haven't had a whole lot of time to write blog posts as we have focused our efforts into developing the product main feature. We're currently writing more blog posts and show more activity.
Hei Mike, we appreciate the feedback! We are aware of some issues on the marketing side. Please join on discord here, we'd love to talk details: https://discord.gg/v27PPktQVH
1. I read the site but still don't fully understand what Zalter does. The HN article headline mentions PKI but the website doesn't seem to talk about that. As someone who's already familiar with PKIX I wanted to know exactly what the system does but the diagrams were more confusing than helpful; is the idea that you provide a login service that issues X.509 certificates to apps so an app server doesn't have to faff around with oauth, email, cookies etc?
2. I tried to join your Discord to ask this question but the invite is invalid.
3. The pricing page seems to have a non-sequitur on it in the "Do I get full access to my database?" question.
4. There's been no blog post for nearly a year. Is the product still evolving?
2. https://discord.gg/HFPnS3M7
3. Thanks for pointing that out. The correct text should have been something along the lines of: We only hold the public keys and the identity ids in our own database. All the other associations are to be held on the service provider servers. Accessing the database of users can be made through your dashboard in your zalter user: https://dashboard.zalter.com/
4. It is being actively developed although we haven't had a whole lot of time to write blog posts as we have focused our efforts into developing the product main feature. We're currently writing more blog posts and show more activity.