I'm investigating the option space for securing the authenticity and privacy of gRPC transport connections in a service oriented architecture running outside of GCP.
I've narrowed in on a technical solution that looks a lot like the marriage of SPIFFE and ALTS, with some necessary differences. Other threads in this mailing list seem to suggest that despite the ALTS implementation being included in the open source grpc repos, it remains specific to Google, experimental, and unsupported. I wanted to ask and understand: - The level of interest from the community of having a relatively open and extensible identity / authenticity / confidentiality solution for grpc. - What if anything is already underway in the community along these lines. - What Google's roadmap for ALTS+gRPC is. Thanks. -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CAB0PekvQJ0bcjYG-rTkrrSH%3Dc6qG1doJOcMrTMerMN7wxZQVfQ%40mail.gmail.com.
