1. Proposed title of this feature request

Improve the bootstrapping process to use authentication on the webserver or https connection which is only allowed from certain endpoints.

2. What is the nature and description of the request?
The bootstrap.ign file used for install contains a lot of sensitive data, the documentation doesn't have warning to delete it after install/usage though doing this shouldn't be a additional task.
The validity is for 24 hours though this file contains a lot secure information.
The kubeconfig generated by the installer is valid for 10 years!
There is also no information on the importance of putting access control on the webserver and how to integrate authentication into the bootstrapping process.
So we would like to request a proper authentication and encryption at transport in order to secure it more.

3. Why does the customer need this? (List the business requirements here)
4. List any affected packages or components.