Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS for the containerd and registry cache communication #203

Open
ialidzhikov opened this issue Jun 3, 2024 · 0 comments · May be fixed by #245
Open

TLS for the containerd and registry cache communication #203

ialidzhikov opened this issue Jun 3, 2024 · 0 comments · May be fixed by #245
Assignees
@dimitar-kostadinov
Labels
area/ipcei IPCEI (Important Project of Common European Interest) area/security Security related ipcei/registry-cache-extension Registry Cache Extension kind/enhancement Enhancement, improvement, extension

Comments

@ialidzhikov
Copy link
Member

ialidzhikov commented Jun 3, 2024
edited
Loading

How to categorize this issue?

/area security
/kind enhancement

What would you like to be added:
Right now the deployed registry caches server requests over plain http. We could potentially use https to prevent any Man-in-the-middle attacks.

The registry does not reload the certificates when they are changed on the file system: distribution/distribution#3712

Why is this needed:
See above.
@gardener-prow gardener-prow bot added area/security Security related kind/enhancement Enhancement, improvement, extension labels Jun 3, 2024
@dimitar-kostadinov dimitar-kostadinov linked a pull request Aug 27, 2024 that will close this issue
Draft
@JordanJordanov JordanJordanov added the area/ipcei IPCEI (Important Project of Common European Interest) label Sep 10, 2024
@JordanJordanov JordanJordanov changed the title Research TLS for the containerd and registry cache communication TLS for the containerd and registry cache communication Sep 11, 2024
@ialidzhikov ialidzhikov added the ipcei/registry-cache-extension Registry Cache Extension label Sep 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dimitar-kostadinov dimitar-kostadinov

Labels
area/ipcei IPCEI (Important Project of Common European Interest) area/security Security related ipcei/registry-cache-extension Registry Cache Extension kind/enhancement Enhancement, improvement, extension
Projects
None yet
Milestone
No milestone
3 participants
@ialidzhikov @JordanJordanov @dimitar-kostadinov