Implementing the secure admin feature involves adding two new
commands, enable-secure-admin and disable-secure-admin.
These will be used primarily in domains with instances which would
suggest they belong in cluster/cli - which are actually instance
related commands not commands related only to clusters, but that's a
separate topic entirely.
It's possible, though, that a user running a domain containing only
the DAS would want to have the DAS authenticate itself to clients
using its certificate. So enabling secure admin would make sense
there too.
So I am leaning toward putting these commands into admin/cli.
Comments?
- Tim