Taahir Ahmed
Taahir Ahmed
I'm planning to address these issues today.
Done --- updated the description as well.
Docs for the Alpha API landed in 1.27: https://github.com/kubernetes/website/pull/40065
> Is this related to [ClusterTrustBundles](https://kubernetes.io/docs/reference/access-authn-authz/certificate-signing-requests/#cluster-trust-bundles)? They're intended to work together. It's not needed for the kube-apiserver client certificate use case, but if someone were to build a pod-to-pod mTLS...
Capturing some notes from discussion with Jordan: * For Alpha, we are unsure about how much we want existing things that understand client certs to understand these new certs. To...
> @ahmedtd please don't forget to creating a PRR file (see template in https://github.com/kubernetes/enhancements/blob/master/keps/prod-readiness/template/nnnn.yaml) and answering the questions, feel free to assign me for the PRR approval. I added the...
> Capturing some notes from discussion with Jordan: > > * For Alpha, we are unsure about how much we want existing things that understand client certs to understand these...
@soltysh > This holds, especially the rollout when you have api enablement + 3 various feature gates. Although I believe the overall recommendation will be to turn all at once....
/sig auth