[openstack-dev] [nova][keystone] Message Queue Security

David Chadwick d.w.chadwick at kent.ac.uk
Thu Apr 25 18:55:55 UTC 2013

Conventional wisdom is that you should not roll your own security but 
use tried and trusted mechanisms. So what is wrong with using Kerberos?


On 25/04/2013 17:02, Simo Sorce wrote:
> What I am not going to do and will strongly object to is to add means to
> negotiate algorithms. If you want to go down that rabbit hole we should
> just stop trying to do our own and instead use an existing
> implementation like Kerberos and simply build APIs on top of it so it
> can be exposed via HTTP instead of the traditional stream oriented

More information about the OpenStack-dev mailing list