Mariano Cano is a senior software engineer with over 12 years of experience building secure, scalable backend systems and cryptographic infrastructure from startups to enterprise. Based in Redwood City, he currently contributes to Smallstep’s core CA and KMS integrations, bringing deep expertise in cryptography, JWTs, and certificate management. He has led design and implementation of identity, payment and distributed job systems at Betable and modernized e-commerce backends and BaaS platforms at RealNetworks. An active open-source contributor, Mariano strengthened cryptographic functionality in popular projects like square/go-jose and smallstep/cli, including PBES2 support and Ed25519 bug fixes that improved key handling. Known for pragmatic engineering, he focuses on performance, maintainability, and getting security details right—often at the algorithm and protocol level.
12 years of coding experience
13 years of employment as a software developer
MS, Computer Science, MS, Computer Science at Universitat d'Alacant
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
Role in this project:
Back-end Developer
Contributions:522 reviews, 1208 commits, 348 PRs in 4 years 7 months
Contributions summary:Mariano's commits focused on modifying the core functionality related to JSON Web Tokens (JWTs), specifically the signing, verification, and inspection of these tokens. They updated and expanded the documentation, implemented changes to the signing command to ensure more secure operation, and expanded tests related to JWT use. The changes are primarily focused on the `command/crypto/jwt` and `jose` packages, demonstrating proficiency in cryptography and API design.
An implementation of JOSE standards (JWE, JWS, JWT) in Go
Role in this project:
Back-end Developer
Contributions:5 commits, 2 PRs, 10 comments in 9 months
Contributions summary:Mariano primarily contributed to enhancing the cryptographic functionality of the go-jose library. They implemented support for password-based encryption algorithms, including PBES2 variants, and refactored recipient field names. Additionally, the user fixed a bug related to byte ordering in Ed25519 keys, ensuring proper key handling. Their work demonstrates a focus on strengthening the library's encryption capabilities and adhering to security standards.
golangsigningjosejson-web-tokenjwe
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.