istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added more security release notes (#5604) 

* Added more security release notes

* Fixes

* auto mtls note

* Fix lint errors
This commit is contained in:
John Howard 2019-11-14 08:47:46 -08:00 committed by Istio Automation
parent 01cfc6572e
commit 048c8e2deb
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/news/2019/announcing-1.4/change-notes/index.md
View File

@ -16,6 +16,8 @@ weight: 10
## Security
- **Added** the [`v1beta1` authorization policy model](/blog/2019/v1beta1-authorization-policy/) for enforcing access control. This will eventually replace the [`v1alpha1` RBAC policy](/docs/reference/config/security/istio.rbac.v1alpha1/).
- **Added** experimental support for [automatic mutual TLS](/docs/tasks/security/authentication/auto-mtls/) to enable mutual TLS without destination rule configuration.
- **Added** experimental support for trust domain migration.
- **Added** experimental [DNS certificate management](/blog/2019/dns-cert/) to securely provision and manage DNS certificates signed by the Kubernetes CA.
- **Improved** Citadel to periodically check and rotate the expired root certificate when running in self-sign CA mode.