https://blog.catalyst9.ai/tags/agentkms/Recent content in Agentkms on Catalyst9 EngineeringHugoen-usThu, 11 Jun 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-7-plugin-model/Mon, 04 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-7-plugin-model/AgentKMS is one binary. Everything provider-specific, audit-specific, or compliance-specific is a plugin. Here’s why that matters and what the plugin API looks like.https://blog.catalyst9.ai/posts/part-9-airport-recovery/Thu, 21 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-9-airport-recovery/Lose the laptop at the gate, buy a new one, be back in your secrets in under two minutes. Here is what that actually looks like.https://blog.catalyst9.ai/posts/part-10-multi-principal-identity/Thu, 21 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-10-multi-principal-identity/Classic identity models handle one principal type at a time. Real systems have four interacting simultaneously — and most auth stacks are not built for that.https://blog.catalyst9.ai/posts/part-11-shipping-webauthn/Thu, 21 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-11-shipping-webauthn/Phase 1 piece #4 and Phase 1b-C were both marked complete based on unit tests. Then I drove a real browser ceremony and five bugs cascaded out at once.https://blog.catalyst9.ai/posts/part-13-policy-stacking/Thu, 11 Jun 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-13-policy-stacking/We built a real ABAC policy engine on top of the identity and step-up work. You can now express ’everything under LLM/* needs a human in the loop’ as a default, while stacking a more specific rule that says only principals with an openai_admin label can write or delete under LLMS/OPENAI. The client (kpm) consumes the policy signals so get forces step-up, env/run warns about high-value paths, and strict mode makes every decrypt a fresh policy-checked round-trip.