Comment 3 for bug 1766546

SFilatov (sergeyfilatov) wrote :

I think we are trying to fix too many problems here.
This bug refers to serviceaccount keys being different on each node which causes errors in multimaster deployments.
ca.key being exposed to master nodes is a security concern but has nothing to do with this bug.
My point here is that the service account key pair does not have to be a CA at all; it does not need to be signed by our cluster CA. And generally k8s deployments use a different key pair for them.
I suppose we might not want to use the existing ca.key for it (and it's not always present on master nodes).