Communication with brokerdef must be secure. If we integrate user handling at clusterdef level, we could replace user/password auth with client certificate.