Explore the challenges and solutions for implementing mutual TLS in service meshes in this 25-minute conference talk. Learn about innovative approaches to simplify, secure, and streamline mTLS adoption in heterogeneous environments. Discover Envoy's advancements, including TLS sniffing and per-endpoint mutual TLS labeling, which address complexities on both client and server sides. Gain valuable insights from years of experience as speakers walk through a frictionless user journey for safely adopting mutual TLS. Understand the intricacies of coordinating mTLS rollout with incremental service mesh adoption in real-world scenarios.
Mutual TLS Adoption Made Simple, Safe and Secure
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Intro
Why mTLS adoption is hard?
Manual approach, config
Server Improvement, sniffing
Server Improvement, Config
Config complexity
Client, improvement
Our Approach, combined
Lessons
Summary
Taught by
CNCF [Cloud Native Computing Foundation]
