-
Epic
-
Resolution: Unresolved
-
Critical
-
None
-
None
-
None
-
Bring Quantum Safe support to GA, including sidecar/ambient
-
False
-
-
False
-
Documentation (Ref Guide, User Guide, etc.), Release Notes
-
In Progress
-
OCPSTRAT-2101 - Protect the keys (use of ML-KEM) in Service Mesh 3
-
0% To Do, 60% In Progress, 40% Done
-
This epic is to bring support for post-quantum computing support to general availability. This includes adding support for PQC algorithms to sidecars and ambient mode ztunnel proxies.
Note: Usage of PQC algorithms will not NOT possible on FIPS enabled clusters, and that is ok - so we should not attempt to test this epic with FIPS.
The output of this epic will be:
- Validating that all encryption within Istio (Istiod, gateways, sidecars, ztunnels, etc) can be secured using PQC algorithms
- Documenting a procedure for users to configure and validate PQC algorithms for all Istio components. This will go into the official product documentation.
Acceptance criteria: (defined in the refinement session)
1. PQC for ingress gateways is GA (we must validate all integration tests with PQC compliance policy).
2. We have product documentation for PQC.
3. Mesh-wide PQC is tech-preview - we must at least know that it works for basic scenarios, but we don't need to validate all integration tests with PQC enabled.
- is cloned by
-
-
- Closed
-
- links to
