Evaluate GEP on Client Certificate Validation

nginxinc / nginx-gateway-fabric

NGINX Gateway Fabric provides an implementation for the Gateway API using NGINX as the data plane.

Apache License 2.0

508 stars 97 forks source link

Closed mpstefan closed 7 months ago

mpstefan commented 8 months ago

We need to evaluate the following GEP in the Gateway API to determine its feasibility as written:

The above GEP is evaluated to determine if the new functionality present is feasibly implementable by NGINX.
The GEP has a review added explaining the results of the evaluation, including any improvements necessary to support NGINX, if applicable.

kate-osborn commented 8 months ago

NGINX should be able to implement the GEP as written.

There's one field subjectAltNames that NGINX can't support natively, but that is possible to implement with njs: https://github.com/nginx/njs-examples?tab=readme-ov-file#certificates.

Other implementors have raised questions around this field and it may not be included in the final API.

I will keep monitoring this GEP as it progresses, but will close this issue.