[openstack-dev] Message level security plans.

Matt Riedemann mriedem at linux.vnet.ibm.com
Thu Jun 12 15:22:13 UTC 2014



On 6/12/2014 10:08 AM, Kelsey, Timothy Joh wrote:
> Hello OpenStack folks,
>
> First please allow me to introduce myself, my name is Tim Kelsey and I’m a security developer working at HP. I am very interested in projects like Kite and the work that’s being undertaken to introduce message level security into OpenStack and would love to help out on that front. In an effort to ascertain the current state of development it would be great to hear from the people who are involved in this and find out what's being worked on or planned in blueprints.
>
> Many Thanks,
>
> --
> Tim Kelsey
> Cloud Security Engineer
> HP Helion
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>

Are you talking about log messages or RPC messages?  For log messages, 
there is a thread that started yesterday on masking auth tokens [1].

If RPC, I'm aware of at least one issue filed against Qpid [2] for 
allowing a way to tell Qpid not to log a message since it might contain 
sensitive information (like auth tokens).

Looks like there is also an older blueprint for trusted messaging here [3].

[1] http://lists.openstack.org/pipermail/openstack-dev/2014-June/037345.html
[2] https://issues.apache.org/jira/browse/QPID-5772
[3] https://blueprints.launchpad.net/oslo.messaging/+spec/trusted-messaging

-- 

Thanks,

Matt Riedemann




More information about the OpenStack-dev mailing list