Micah Spady

19 articles published
10 topics covered
About
Micah has over 10 years of experience in IT and cybersecurity, helping thousands of organizations implement PKI, 802.1X, and RADIUS-based security solutions. He works closely with SecureW2’s Sales and Marketing teams to translate real-world security challenges into clear guidance for customers. Micah stays current on the latest trends in PKI and authentication security to share insights with both customers and the broader community. Outside of work, he enjoys spending time with his wife and cat, and tending to his garden when it’s not raining.
Cited by
Articles by

Micah

A technical guide to how certificate chains link end-entity certificates back to trusted root certificate authorities — and what breaks when the chain fails.
PKI/Certificates June 11, 2026
Chain of Trust Certificate: How Certificate Hierarchies Work

Learn how certificate chains establish trust and how path validation verifies certificates.

Passwordless SSH setup using OpenSSH key pairs, permissions, and server hardening
Protocols & Standards June 5, 2026
SSH Without a Password: How to Set Up Key-Based Authentication

Managing dozens of authorized_keys files across a fleet of servers is where SSH key hygiene breaks down. Static public keys never expire, revocation is manual, and auditing who has access...

K-12 districts are retiring shared PSKs and PEAP-MSCHAPv2 for certificate-based Wi-Fi that ends password resets and shared logins. SecureW2 Dynamic PKI and Cloud RADIUS deliver EAP-TLS to managed Chromebooks through Google Admin without an on-prem NPS.
K-12 Schools June 3, 2026
802.1X Certificate Authentication for K-12 Districts: Setup Guide Using Google Admin and Cloud PKI

Most K-12 districts still run shared-device Wi-Fi on pre-shared keys (PSKs) or Protected Extensible Authentication Protocol-Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MSCHAPv2), and every August the result is the...

A technical walkthrough of how to set up OAth for AI agents — including client credential flow for MCP, token scoping, refresh token rotation, and when to use mTLS instead.
Protocols & Standards June 2, 2026
OAuth for AI Agents: A Practical Implementation Guide

With the explosion of automated processes requesting access to networks, OAuth for AI agents is no longer optional. Today, it’s the authorization foundation that separates well-governed agent deployments from ones...

A technical guide to mutual TLS authentication for AI agents covering the mTLS handshake, certificate lifecycle challenges at scale, and how mTLS compares to OAuth and API keys for agent identity.
PKI/Certificates May 27, 2026
Why and When To Use Mutual TLS for AI Agent Authentication

In a world increasingly populated by autonomous agents, mutual TLS (mTLS) is fast becoming a necessity for some deployments. AI agents call APIs, query databases, invoke tools, and communicate with...

Though it’s unclear exactly when Q-Day will arrive, it’s clear that quantum computing will render current encryption algorithms useless. This is how organizations should be preparing right now.
PKI/Certificates May 27, 2026
What Is Q-Day? The Quantum Threat to Encryption, Explained

There is a watershed moment for network security coming: Q-Day. The term refers to the day when quantum computers running algorithms impossible on classical computers could potentially breeze past most...

A technical guide to root CA certificates covering how they anchor PKI trust hierarchies, how to protect the root CA private key and when a managed cloud root CA is the better operational choice.
PKI/Certificates May 22, 2026
What Is a Root CA Certificate and Do I Need One?

Every certificate your organization issues — whether for Wi-Fi authentication, VPN access or internal web applications — traces its trust back to a single point: the root CA certificate. That...

A practitioner's guide to elliptic curve cryptography, explaining how ECC and ECDSA work, how they compare to RSA, which named curves to use, and why ECDSA device certificates are the standard for 802.1X network authentication.
PKI/Certificates May 21, 2026
Elliptic Curve Cryptography: ECC, ECDSA, and Device Certificates Explained

Certificate algorithm selection sounds like a configuration detail, but it has real consequences for authentication speed, certificate payload size, and PKI scalability. Elliptic curve cryptography (ECC) has become the dominant...

Configure Okta Device Access SCEP end-to-end and avoid common pitfalls like renewal gaps and EKU misconfiguration.
Uncategorized May 21, 2026
How to Configure SCEP Certificate Enrollment With Okta Device Access (ODA)

Phishing-resistant device trust is the bar Okta Device Access (ODA) raises for every IT team running an Okta tenant. The device proves itself with a certificate, and that certificate lands...