Description
What would you like to be added:
The ability for an HTTPS (or TLS generally) endpoint to require that the client present a certificate that can be validated according to some configurable policy.
Why is this needed:
As an application developer, I want to restrict access to my application to a certain audience of clients. The audience is defined by one or more of:
- a collection of specific TLS certificates (maybe by hash)
- a collection of subject names in certificates
- a collection of certificates issued by a specific (unique) CA
I want the infrastructure to guarantee that I only receive client traffic that originates from this audience.
/kind user-story
Metadata
Labels
- Categorizes issue or PR as related to a new feature.
- PRs related to Gateway Enhancement Proposal (GEP).
- Categorizes an issue as capturing a user story.
- Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
- This indicates a subtask of a feature, bug, or smaller issue for the v1.4 release.
Status
- Provisional
- Next