Gossip key rotation clarification


when I install a new gossip key on a Consul server and use it, will the key then send to all clients through rpc or the gossip protocol?


hi @fmp88,

The new gossip encryption key is broadcast using the gossip protocol itself. Also, note that only Consul server agents listen on the RPC port (not clients).

The basic flow of changing the encryption key on a given Serf cluster is:

  • Broadcast new key to cluster via gossip

Ref: Security Model - Serf by HashiCorp

Hi @Ranjandas ,
thanks for the clarification and link to it

In case a node would get compromised and rolling out a new key happens using the old gossip encryption key, how is it then possible to ensure that the new key is not seen by unwanted parties?

Edit, just saw that the documentation specifies that the assumption is that no node is compromised