istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove recovation from security concept doc (#2257)

This commit is contained in:
Tao Li 2018-08-15 09:47:32 -07:00 committed by istio-bot
parent a32d29165d
commit b7976e6d94
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/docs/concepts/security/index.md
View File

@ -108,7 +108,7 @@ Istio provides a more comprehensive security solution, including authentication,
The Istio PKI is built on top of Istio Citadel and securely provisions strong workload identities to every workload.
Istio uses X.509 certificates to carry the identities in [SPIFFE](https://spiffe.io/) format.
The PKI also automates the key & certificate rotation and revocation at scale.
The PKI also automates the key & certificate rotation at scale.
Istio supports services running on both Kubernetes pods and on-premises machines.
Currently we use different certificate key provisioning mechanisms for each scenario.
@ -219,7 +219,7 @@ Istio provides two types of authentication:
- Secures service-to-service communication and end-user-to-service
communication.
- Provides a key management system to automate key and certificate
generation, distribution, rotation, and revocation.
generation, distribution, and rotation.
- **Origin authentication**, also known as **end-user authentication**: verifies the
original client making the request as an end-user or device.