Pomerium 0.9

June 1, 2020

We are excited to announce the 0.9 release of Pomerium which includes a complete refactor of the proxy service and several security-enhancing features. Those features include:

  • Envoy-based data plane — Pomerium now leverages Envoy for request proxying rather than the previous custom-built proxy. This change gives operators confidence that Pomerium will be able to handle any workload.

  • Client Certificate Support — A core principle of the zero-trust security model is that every request should be not only authenticated and authorized, but also mutually authenticated and encrypted. With this release, Pomerium adds support for mutually authenticated encryption (mTLS) starting with the user’s device itself.

  • JWKS Endpoint — Pomerium now surfaces a JWKS endpoint that can be used by upstream applications as well as other services such as Istio to verify the authenticity of a Pomerium managed request.

Pomerium had 99 commits from 9 authors across 6 organizations in this release. This release also includes additional new features, general improvements, and bug fixes, a complete list of which can be found in the changelog.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any issues, please report them on the Pomerium GitHub issue tracker.

Share:

Stay Connected

Stay up to date with Pomerium news and announcements.

More Blog Posts

See All Blog Posts
Blog
Identity Aware Proxy (IAP): Meaning, Pricing, Solutions
Blog
The Great VPN Myth: What PCI DSS 4.0 Actually Requires for Remote Access
Blog
Zscaler vs. Tailscale vs. Pomerium: Detailed Comparison

Revolutionize
Your Security

Embrace Seamless Resource Access, Robust Zero Trust Integration, and Streamlined Compliance with Our App.

Pomerium logo
© 2024 Pomerium. All rights reserved