There is currently no straightforward way to broadcast or multicast a mutual transport layer security (mTLS) message between a server and multiple clients. Multicasting is harder still when the clients are spread across different geographic regions and have varying network speeds and bandwidth. This disclosure describes techniques for sending multicast messages to a set of endpoints over a freshly formed secure channel that uses temporary certificates. The work of forming the secure channel is performed by functions-as-a-service (FaaS) cloud computing, invoked in regions close to the endpoints to keep latency and networking costs low. The described techniques streamline multicast mTLS by offloading message delivery to serverless services rather than to the mTLS broker. The techniques can be applied to manage widely distributed endpoints.
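As an added illustration of the mechanism the abstract describes, not code from the disclosure or its author, the following Go program stands in for the serverless relay: it mints an in-process ephemeral CA (an assumption here; the disclosure does not name an issuer), issues short-lived certificates to the relay and to each endpoint, fans one message out over freshly formed mTLS connections, and shows that once the temporary certificates have expired the same handshakes are refused. The endpoints are modelled as local TLS listeners that echo the message back as a receipt, the message text is constructed for the example, and the clock parameter of `Demo` is an illustration device so that expiry can be demonstrated without waiting for it.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"sync"
	"sync/atomic"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// issue signs tmpl with parent (self-signed when parent is nil) using a fresh P-256 key.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	tmpl.SerialNumber, err = rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	must(err)
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// startEndpoint models one endpoint: an mTLS listener that serves a single connection and echoes what it received.
func startEndpoint(cfg *tls.Config) string {
	ln, err := tls.Listen("tcp", "127.0.0.1:0", cfg)
	must(err)
	go func() {
		defer ln.Close()
		if conn, err := ln.Accept(); err == nil {
			defer conn.Close()
			buf := make([]byte, 256)
			if n, err := conn.Read(buf); err == nil { // the first Read runs the handshake; a refused one delivers nothing
				conn.Write(buf[:n]) // the echo is the application-level receipt the relay waits for
			}
		}
	}()
	return ln.Addr().String()
}

// multicast plays the serverless relay: one concurrent mTLS connection per endpoint. A delivery counts only when
// the echo returns, because with TLS 1.3 a server's rejection of the client certificate surfaces on read, not on Dial.
func multicast(addrs []string, cfg *tls.Config, msg string) int {
	var wg sync.WaitGroup
	var delivered int32
	for _, addr := range addrs {
		wg.Add(1)
		go func(addr string) {
			defer wg.Done()
			if conn, err := tls.Dial("tcp", addr, cfg); err == nil {
				defer conn.Close()
				conn.Write([]byte(msg))
				buf := make([]byte, 256)
				if n, err := conn.Read(buf); err == nil && string(buf[:n]) == msg {
					atomic.AddInt32(&delivered, 1)
				}
			}
		}(addr)
	}
	wg.Wait()
	return int(atomic.LoadInt32(&delivered))
}

// Demo provisions a relay and n endpoints with certificates from an in-process ephemeral CA (an assumption of this
// example) that expire after ttl, multicasts msg, and returns how many endpoints acknowledged. clock is the time both
// sides use to validate certificates (nil means time.Now); a clock set past ttl shows the temporary credentials refused.
func Demo(n int, ttl time.Duration, clock func() time.Time, msg string) int {
	ca, caKey := issue(&x509.Certificate{Subject: pkix.Name{CommonName: "ephemeral-multicast-ca"}, IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour)}, nil, nil)
	pool := x509.NewCertPool()
	pool.AddCert(ca)
	leaf := func(cn string, use x509.ExtKeyUsage) tls.Certificate { // loopback-bound: every endpoint here listens on 127.0.0.1
		c, k := issue(&x509.Certificate{Subject: pkix.Name{CommonName: cn}, NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(ttl),
			KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{use}, IPAddresses: []net.IP{net.IPv4(127, 0, 0, 1)}}, ca, caKey)
		return tls.Certificate{Certificate: [][]byte{c.Raw}, PrivateKey: k}
	}
	relayCfg := &tls.Config{Certificates: []tls.Certificate{leaf("relay", x509.ExtKeyUsageClientAuth)}, RootCAs: pool, Time: clock}
	var addrs []string
	for i := 0; i < n; i++ {
		addrs = append(addrs, startEndpoint(&tls.Config{Certificates: []tls.Certificate{leaf("endpoint", x509.ExtKeyUsageServerAuth)},
			ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: pool, Time: clock}))
	}
	return multicast(addrs, relayCfg, msg)
}
```

Calling `Demo(3, 5*time.Minute, nil, "rotate-config-v7")` from a test or a `main` returns 3; with a clock an hour ahead of the five-minute lifetime it returns 0, because the relay rejects each endpoint's expired server certificate and the endpoints would equally reject the relay's expired client certificate. That bounded lifetime is what makes the temporary certificates of the abstract attractive operationally: a key pair that leaks from a short-lived function instance is usable only until its NotAfter, and there is no long-lived credential to revoke.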
This work is licensed under a Creative Commons Attribution 4.0 License.
Namer, Assaf, "Multicast Implementation Over Mutual Transport Layer Security (mTLS)", Technical Disclosure Commons, (July 19, 2022)