The strict mode only allows mutual TLS communication.

Rating: Mostly True
Severity: Medium
Check Date: 2024-09-13

Explanation

The statement is somewhat misleading: it suggests that strict mode is exclusively limited to mutual TLS (mTLS), which could imply that no other form of communication is permitted. In practice, strict mode in configurations such as Istio's mTLS enforces mutual TLS by requiring both client and server to present valid certificates for authentication, but it does not outright disable every other type of communication. Non-mTLS traffic can still be accepted on particular endpoints or under particular configurations, depending on how the overall policy is set up. When strict mTLS is enabled, it is the enforced mode for secure communication between services, as described in the Istio documentation. So while strict mode heavily restricts communication to connections that use mTLS, saying that it 'only' allows mTLS is not an accurate description, because other parts of the policy setup can still permit exceptions.
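The kind of setup the explanation refers to, as an added illustration that is not part of the original check: a mesh-wide Istio PeerAuthentication in STRICT mode alongside a workload-scoped policy that relaxes one port to PERMISSIVE, so plaintext is still accepted on that port even though strict mTLS is the mesh default. The namespace `payments`, the label `app: ledger` and port 9090 are assumed values chosen for the example.

```yaml
# Mesh-wide default: every sidecar only accepts mTLS connections.
# Istio treats the policy named "default" in the root namespace
# (istio-system here) as the mesh-wide setting.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: STRICT
---
# Workload-scoped exception (assumed namespace, label and port):
# the ledger workload stays STRICT on all ports, but port 9090
# falls back to PERMISSIVE, so a non-mTLS client can still reach it.
# This is the "non-mTLS communication on different endpoints" that
# keeps the statement from being fully true; review such overrides
# deliberately, since each one is a plaintext path into the mesh.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: ledger-port-exception
  namespace: payments
spec:
  selector:
    matchLabels:
      app: ledger
  mtls:
    mode: STRICT
  portLevelMtls:
    9090:
      mode: PERMISSIVE
```

Listing all PeerAuthentication objects across namespaces (`kubectl get peerauthentication -A -o yaml`) and searching for `PERMISSIVE` or `DISABLE` under `portLevelMtls` shows where plaintext is still admitted despite the mesh-wide STRICT setting.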

Key Points

Sources