Following up on the discussion in #896, I think we should standardize and structure TLS options in Gateway API.
At the current state, these options can only be set via domain-prefixed keys in the tls.options map (e.g., kgateway.dev/cipher-suites) and are implementation-specific. Even if multiple implementations support the same set of options, the key names and value syntax differ, that makes them non-portable across implementations and impossible to cover with conformance tests.
/kind gep
/kind feature
Following up on the discussion in #896, I think we should standardize and structure TLS options in Gateway API.
At the current state, these options can only be set via domain-prefixed keys in the
tls.optionsmap (e.g.,kgateway.dev/cipher-suites) and are implementation-specific. Even if multiple implementations support the same set of options, the key names and value syntax differ, that makes them non-portable across implementations and impossible to cover with conformance tests./kind gep
/kind feature