OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Openstack-security] [Bug 1578466] Re: keystone token cache should offer encryption like the middleware cache does


This is something we should build into oslo.cache. I have moved the bug
to wont fix in keystone and added oslo.cache.

** Also affects: oslo.cache
   Importance: Undecided
       Status: New

** Changed in: keystone
       Status: Triaged => Won't Fix

** Summary changed:

- keystone token cache should offer encryption like the middleware cache does
+ cache should offer encryption in a similar manner to keystonemiddleware cache does

-- 
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1578466

Title:
  cache should offer encryption in a similar manner to
  keystonemiddleware cache does

Status in OpenStack Identity (keystone):
  Won't Fix
Status in oslo.cache:
  New

Bug description:
  Keystone middleware's caching of tokens offers HMAC validation and
  encryption of the tokens in the cache. This is important because
  memcache has literally zero authentication or protection from any user
  on the system.  So this feature should be ported in from keystone
  middleware into keystone.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1578466/+subscriptions