Hey everyone! I'm curious if anyone has tackled post-quantum cryptography (PQC) within their ingress controller for Kubernetes. I've noticed that ingress-nginx isn't planning to support this and seems to be shifting focus towards Ingate. With over 50k ingress objects spread across nearly 500 clusters, I'm a bit anxious about switching away from ingress-nginx. Have you started exploring this? What's your approach? Which ingress controller are you considering? I've seen that Traefik supports PQC, and there are ongoing efforts for HAProxy. Also heard that Istio includes it for its gateways, but I'm not sure about internal traffic. Would love to hear your thoughts!
1 Answer
If you're concerned about PQC, I recommend reading this article about quantum cryptanalysis. It dives into the relevance and timing of these security needs. But it's worth noting that leadership is insisting we implement it regardless, so we have to adapt.
True, but at least we have some time! It seems like we've got until 2029 before PQC security really becomes crucial. However, planning for a smooth migration from ingress-nginx to the Gateway API seems wise given that both are on their way to being deprecated.