[openstack-dev] [Keystone] Blob in keystone v3 certificate API
Nachi Ueno
nachi at ntti3.com
Fri Nov 15 02:55:03 UTC 2013
Hi Keystone guys
I'm going to use keystone credentials API to store SSL-VPN certificate.
However I have a concern about blob attribute.
Since it is really free format. We can't provider validation on the data.
Of course, we can write some helper validation function, but
users can break it...
Also we can't ensure the backward compatibilities with such free
format API definitions.
(1) IMO, we should not use free format attribute such as blob or
arbitrary key,value pairs.
(2) Should we use this API as a storage for certificate used in any
openstack services?
Since it is hard to provider validation on such API, I'm start
thinking to have vpn certificate API in neutron.
Best
Nachi
More information about the OpenStack-dev
mailing list