[openstack-dev] [OSSG] [keystone] Trusts: delegation and impersonation

Bryan D. Payne bdpayne at acm.org
Sat Mar 16 21:03:21 UTC 2013


> If you think I am way off beam, please say

I don't think you're way off base.  And yet, I do appreciate Gabriel's
comments here too.  As a member of OSSG, I was just brought into this
discussion somewhat recently.  My goal here isn't to rehash all of
what has been said in the past.  Rather, I would like to see what can
be done to improve on this feature -- and others -- from a security
viewpoint for future releases.

For this particular feature, I propose that we step back and draw up a
state diagram so that we can all be on the same page with regard to
what is happening and why.  From there, we can more easily have a
constructive discussion about how to improve it, if needed.  Dolph,
could you take a first pass at putting this together?

I do believe that work needs to be done within the OpenStack community
to improve security.  Compensating controls, while useful, are not
always enough.  I am most certainly interested in taking concrete
steps forward in the right direction.  Even if they start out small.
And I acknowledge that this is hard because it involves process as
much as it does code.  But I'm open to suggestions for where to start
:-)

Cheers,
-bryan


