On Tue, Jul 18, 2017 at 12:09 AM 'David Oppenheimer' via Kubernetes user discussion and Q&A <kubernetes-users@googlegroups.com> wrote:
> > Why would having the signed certificate cause a problem? Wouldn't you need > the private key to cause a problem? > Yes, me being inexact again. Something that has certificate authentication *credentials* (cert and key) to authenticate against the Kubernetes API could, in this scenario, also authenticate against etcd, where any Kubernetes access restrictions would not apply. /MR -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
