search

MKQuantum / QSCServiceMesh

A POC to apply Quantum Safe Crypto (QSC) within a Service Mesh.
0 stars 0 forks source link

Select Security Configuration #5

Open MKQuantum opened 1 year ago

MKQuantum commented 1 year ago

There are 3 types of Security Configurations for Istio:

More ISTIO Security details are here: https://istio.io/latest/docs/concepts/security/

navaneethrameshan commented 1 year ago

For our tests, we intend to incrementally increase security starting with plain HTTP requests for intra-cluster communication. The security levels we'll go through are the following -

  1. Legacy TLS connection from outside the cluster, plain HTTP connection for communication within the cluster
  2. Legacy TLS connection from outside the cluster, legacy strict mTLS connection for communication within the cluster
  3. Legacy TLS connection from outside the cluster, Q-Safe strict mTLS connection for communication within the cluster
  4. Q-Safe TLS connection from outside the cluster, Q-Safe strict mTLS connection for communication within the cluster

After step 4., we'd have enabled complete Q-Safe protection for network communication into and within the cluster.