|
|
|
|
|
|
by raesene9
2757 days ago
|
|
|
Client cert auth is quite good against unauthenticated attacks but has its downsides. At the moment Kubernetes has no certificate revocation process at all, so if one of your users has their cert stolen for an Internet facing cluster, you'll have to rebuild the entire CA and re-issue all certs to get round the problem. |
|
|