[openstack-dev] Should TLS settings for listener be set through separate API/model?

Brandon Logan brandon.logan at RACKSPACE.COM
Mon Jun 23 16:54:24 UTC 2014


Vijay,
I think the separate entity is still going to happen.  I don't think it
has remvoed.  Or that is may just be my assumption.

Thanks,
Brandon

On Mon, 2014-06-23 at 15:59 +0000, Vijay Venkatachalam wrote:
> Hi:
> 
>  
> In the “LBaaS TLS termination capability specification” proposal 
>  
> https://review.openstack.org/#/c/98640/
>  
> TLS settings like default certificate container id and SNI cert list are part of the listener properties. 
>  
> I think it is better to have this as a separate entity so that the listener properties are clean and is not “corrupted” with TLS settings.
>  
> I liked the original SSL proposal better where TLS settings was a separate entity.
>  
> It is just 2 properties now but in future the TLS settings would grow and if we are going to introduce a TLS profile/params/settings entity later, it is better to do it now (albeit with min properties).
>  
> Thanks,
> Vijay V.
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



More information about the OpenStack-dev mailing list