Loading…
Attending this event?
Amsterdam, The Netherlands
March 30–April 2, 2020

Learn More and Register to Attend This Event
Tuesday, March 31 • 12:00 - 12:35
Mutual TLS Adoption Made Simple, Safe and Secure - Lizan Zhou, Tetrate & Jianfei Hu, Google

Sign up or log in to save this to your schedule and see who's attending!

Tweet Share
Rolling out mutual TLS to service meshes is challenging. In the real world, service mesh adoptions are incremental. Services deployment are heterogenous, consisting of workloads with or without sidecar, able or unable to speak mutual TLS, on both client and server side. Coordinating the mutual TLS rolling out with service mesh adoption is hard.

In this talk, Jianfei and Lizan will explain the lessons learned from the last several years experience. Specifically, we walk through Envoy innovations to address the problem on both client and server side: TLS sniffing on the server side and per endpoint mutual TLS labeling mechanism on the client side. In the end, we show how these techniques combined together to offer a frictionless user journey to adopt mutual TLS safely.
Speakers
avatar for Lizan Zhou

Lizan Zhou

Software Engineer, Tetrate
Lizan Zhou is a Founding Engineer at Tetrate leading traffic management. He is a senior maintainer of Envoy and one of the core contributors of Istio. Previously he was working at Google Cloud, during his time at Google he worked on security and networking on Istio and Cloud Endpoints... Read More →
JH

Jianfei Hu

Software Engineer, Google
Jianfei Hu is a Google software engineer, working on Istio. Since beginning, he\'s been working on improving mutual TLS adoption experience. Before that, he works on Google App Engine and Serverless products.

Tuesday March 31, 2020 12:00 - 12:35
TBA
  Service Mesh
Feedback form isn't open yet.

Attendees (40)