diff --git a/internal/konnect/client.go b/internal/konnect/client.go
index 69de46e8f9..8c4522341e 100644
--- a/internal/konnect/client.go
+++ b/internal/konnect/client.go
@@ -26,8 +26,8 @@ var KicNodeAPIPathPattern = "%s/kic/api/runtime_groups/%s/v1/kic-nodes"
 
 // NewClient creates a Konnect client.
 func NewClient(cfg adminapi.KonnectConfig) (*Client, error) {
-	tlsConfig := tls.Config{ //nolint:gosec
-		Certificates: []tls.Certificate{},
+	tlsConfig := tls.Config{
+		MinVersion: tls.VersionTLS12,
 	}
 	cert, err := tlsutil.ExtractClientCertificates([]byte(cfg.TLSClient.Cert), cfg.TLSClient.CertFile, []byte(cfg.TLSClient.Key), cfg.TLSClient.KeyFile)
 	if err != nil {
@@ -81,7 +81,6 @@ func (c *Client) CreateNode(req *CreateNodeRequest) (*CreateNodeResponse, error)
 
 	if !isOKStatusCode(httpResp.StatusCode) {
 		return nil, fmt.Errorf("non-success response code from Koko: %d, resp body: %s", httpResp.StatusCode, string(respBuf))
-		// TODO: parse returned body to return a more detailed error
 	}
 
 	resp := &CreateNodeResponse{}
diff --git a/internal/konnect/node_agent.go b/internal/konnect/node_agent.go
index 2e9bab39ea..dae3fad609 100644
--- a/internal/konnect/node_agent.go
+++ b/internal/konnect/node_agent.go
@@ -29,7 +29,8 @@ func NewNodeAgent(hostname string, version string, logger logr.Logger, client *C
 		Logger: logger.
 			WithName("konnect-node").WithValues("runtime_group_id", client.RuntimeGroupID),
 		konnectClient: client,
-		// TODO: set refresh interval by flags/envvar
+		// TODO: set refresh interval by some flag
+		// https://github.com/Kong/kubernetes-ingress-controller/issues/3515
 		refreshInterval: defaultRefreshNodeInterval,
 	}
 }
@@ -78,6 +79,7 @@ func (a *NodeAgent) updateNode() error {
 	}
 
 	// TODO: retrieve the real state of KIC
+	// https://github.com/Kong/kubernetes-ingress-controller/issues/3515
 	ingressControllerStatus := IngressControllerStateOperational
 
 	updateNodeReq := &UpdateNodeRequest{
@@ -101,6 +103,7 @@ func (a *NodeAgent) updateNodeLoop() {
 	ticker := time.NewTicker(a.refreshInterval)
 	defer ticker.Stop()
 	// TODO: add some mechanism to break the loop
+	// https://github.com/Kong/kubernetes-ingress-controller/issues/3515
 	for range ticker.C {
 		err := a.updateNode()
 		if err != nil {