If you are adopting a zero trust security posture, mTLS is a must-have for network communication between the application components you manage, such as microservices in a cluster.
TLS is typically used by clients that connect to web services over the Internet. This means that only the server needs to prove its identity, as it is not concerned with the identity of the client.
One-way TLS allows you to use passwords, tokens, multifactor authentication and other methods when you need confirmation of the client's identity.
When you use a service mesh, mTLS operates outside the application, so implementing it does not require many changes to the application's logic.
Implementing mTLS requires a certificate exchange between services, and as the number of services grows, managing the many certificates becomes very time-consuming.
Automatic mTLS, implemented with the help of a service mesh, can mitigate the complexity of managing a large number of certificates.
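To make the difference between one-way TLS and mTLS concrete, here is an added example (not code from the original post) that runs the handshake over an in-memory pipe: a one-way TLS server accepts an anonymous caller, while an mTLS server rejects a caller without a certificate and learns the identity of one that presents a certificate. The CA, the service names `orders.internal` and `billing.internal`, and the helpers `issue` and `connect` are hypothetical; the throwaway CA stands in for the one a service mesh would operate.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// issue returns a constructed one-hour demo cert for name; a nil parent yields a self-signed CA.
func issue(name string, parent *tls.Certificate) tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), IsCA: parent == nil,
		Subject: pkix.Name{CommonName: name}, DNSNames: []string{name}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		parent = &tls.Certificate{Leaf: t, PrivateKey: key} // the CA signs itself
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent.Leaf, pub, parent.PrivateKey)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

var ca, pool = issue("demo-ca", nil), x509.NewCertPool() // hypothetical private CA and trust store
// connect handshakes over an in-memory pipe and returns the caller identity (cert CN) the server verified.
func connect(auth tls.ClientAuthType, clientCerts ...tls.Certificate) (string, error) {
	pool.AddCert(ca.Leaf) // idempotent: both sides trust only the demo CA
	srvCfg := &tls.Config{Certificates: []tls.Certificate{issue("orders.internal", &ca)},
		ClientCAs: pool, ClientAuth: auth, SessionTicketsDisabled: true} // no tickets: keeps the pipe from blocking
	cliCfg := &tls.Config{RootCAs: pool, ServerName: "orders.internal", Certificates: clientCerts}
	c, s := net.Pipe()
	defer s.Close()
	go io.Copy(io.Discard, tls.Client(c, cliCfg)) // client: handshake, then wait for an alert or close
	srv := tls.Server(s, srvCfg)
	if err := srv.Handshake(); err != nil || len(srv.ConnectionState().PeerCertificates) == 0 {
		return "", err
	}
	return srv.ConnectionState().PeerCertificates[0].Subject.CommonName, nil
}

func main() {
	fmt.Println(connect(tls.NoClientCert))               // one-way TLS: anonymous caller accepted
	fmt.Println(connect(tls.RequireAndVerifyClientCert)) // mTLS: caller without a certificate rejected
	fmt.Println(connect(tls.RequireAndVerifyClientCert, issue("billing.internal", &ca))) // mTLS: identity known
}
```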