-
I'm testing ztunnel on 1.22 release.
I have 2 book example apps deployed, one with sidecar and one with ambient.
The sidecar one is working, but with the ambient one I get `io error: invalid peer ce…
-
## Summary
1. When using the default Istio SDS, the current SPIFFE ID format should be the default
2. If using an alternative SPIFFE-compliant SDS, using an alternative SPIFFE ID format _should be…
-
## What would you like Teleport to do?
Investigate implementing https://github.com/spiffe/spire-api-sdk/blob/main/proto/spire/api/agent/delegatedidentity/v1/delegatedidentity.proto in `tbot` to all…
-
It would be great if spiffe-helper could be used as a sidecar under Kubernetes.
This would require two different modes of operation to function well.
1. a new flag for running in job mode. This …
-
Thanks for your work on tkey.
It would be nice to see a version of signer that supports old-school algos such as RSA and the NIST p-curves.
I know Ed2559 is awesome and all that, but unfortunate…
-
We now have support for SPIFFE IDs, and federation through https://github.com/sigstore/fulcio/pull/107!
This means we can issue certs for subjects like `spiffe://somedomain.com/foo/bar`, and authen…
-
I was searching for information about the meetings for the SIG in the SPIFFE.io website and could not find any. It would be handy to have that link available in the website.
Proposed link: https:…
-
To improve the security of the SPIFFE pods it would be great if we can adjust the securityContext recommendation to run with a unique UID.
Checking many out of the box installations of other chart…
-
From looking at the code, this may be by design due to the subcharting strategy. However, `helm.sh/chart:` is reporting the incorrect version for all the charts.
```
❯ helm template -n spire-serv…
-
We have deployed a SPIRE/SPIFFE infrastructure, reason for which I'll be working on a SPIRE/SPIFFE TLS impelementation in the coming days. I think it has the potential to deprecate most of the hack-sc…