This repository has been archived by the owner on Sep 19, 2024. It is now read-only.
Move workload cert signing into the kernel #184
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Problem Statement
Currently the agent assigns the workload certificates by signing the workload CSRs coming from the kernel.
Proposed Solution
A better solution would be to move that functionality into the kernel and the agent will only be responsible the sign the intermediate CA CSRs.
Alternatives Considered
Please briefly describe which alternatives, if any, have been considered, including merits of alternate approaches and
tradeoffs being made.
Additional Context
Please provide any other information that may be relevant.
The text was updated successfully, but these errors were encountered: