Neeraj Poddar

How does this impact Authorization and VirtualService routing policies? Will it break existing user config if casing of header keys is preserved?

From a UX point of view having another column where 99% of the time the value is the same won’t get any attention. I still think creating two separate tables...

This feels like it belongs to VirtualService for more fine grained control.

> > How does it work if I have XFCC setting configured via GatewayTopology setting? > > I suppose you mean https://istio.io/latest/docs/ops/configuration/traffic-management/network-topologies/#configuring-x-forwarded-client-cert-headers? There is some overlap for sure but I...

@shamsher31 I think we are a bit confused as to how this revision field is used. Can you elaborate?

I see. But the feature is still experimental afaict, so why remove this comment?

> > I see. But the feature is still experimental afaict, so why remove this comment? > > @nrjpoddar can you please point me to the right docs to verify...

@costinm @howardjohn I don't think we broke a lot of users as evident from the fact that just 1 user has complained so far and the fact that most external...

I like it! Basically setting it to insecure gets you back to old defaults. If cipher configurability is desired we can add this array field that @howardjohn has in future.

Cipher suites names come from openssl so it can be different in other runtimes not based on openssl derivatives.