Attending this event?
Amsterdam, The Netherlands
August 13–August 16, 2020

Learn More and Register to Attend This Event
Friday, August 14 • 12:00 - 12:35
Mutual TLS Adoption Made Simple, Safe and Secure - Lizan Zhou, Tetrate & Jianfei Hu, Google

Sign up or log in to save this to your schedule and see who's attending!

Rolling out mutual TLS to service meshes is challenging. In the real world, service mesh adoptions are incremental. Services deployment are heterogenous, consisting of workloads with or without sidecar, able or unable to speak mutual TLS, on both client and server side. Coordinating the mutual TLS rolling out with service mesh adoption is hard.

In this talk, Jianfei and Lizan will explain the lessons learned from the last several years experience. Specifically, we walk through Envoy innovations to address the problem on both client and server side: TLS sniffing on the server side and per endpoint mutual TLS labeling mechanism on the client side. In the end, we show how these techniques combined together to offer a frictionless user journey to adopt mutual TLS safely.

avatar for Lizan Zhou

Lizan Zhou

Software Engineer, Tetrate
Lizan Zhou is a Founding Engineer at Tetrate leading traffic management. He is a senior maintainer of Envoy and one of the core contributors of Istio. Previously he was working at Google Cloud, during his time at Google he worked on security and networking on Istio and Cloud Endpoints... Read More →

Jianfei Hu

Software Engineer, Google
Jianfei Hu is a Google software engineer, working on Istio. Since beginning, he\'s been working on improving mutual TLS adoption experience. Before that, he works on Google App Engine and Serverless products.

Friday August 14, 2020 12:00 - 12:35
Feedback form isn't open yet.

Attendees (64)

Twitter Feed