Proposal to protect ISTIO CA key using SoftHSM


#1

Hi,

I would like to propose an enhancement to protect CA key using SoftHSM. I am new to community and not sure how to go about this, any pointers to get started will be highly appreciated.


#2

Hi @mrangana,

For enhancements the process is generally:

  1. Write a design doc explaining the use case, requirements, and design. Add the doc to the security working group folder and use the Istio Design Doc template.
  2. Post here when your doc is ready and ask for feedback
  3. A little while later, present the doc at a security working group meeting
  4. Once agreed, you can start submitting PRs that will implement the enhancement

#3

Thanks for the quick response.

When I try to create a document under the Istio Community > Working groups > Security, get the message “You don’t have permission to edit” message.

How do I get access to this folder?


#4

I forgot that folder is a little locked down. Write your draft under your own Google Drive account, and when its ready one of the admins will copy it into the security working group folder to share more widely.


#5

Oh, hey, I was reminded that to get access to the drive, you need to join https://groups.google.com/forum/#!forum/istio-team-drive-access if you haven’t already.