<span id="mailbox-conversation"><div>Sorry to interrupt this discussion.</div>
<div><br></div>
<div>Sean, </div>
<div><br></div>
<div>Since I'm working the neutron client code change, by looking at your code change to nova client, looks like only X-Auth-Token is taken care of in http_log_req. There is also password in header and token id in response. Any particular reason that they are not being taken care of?</div>
<div><br></div>
<div>Thanks, </div>
<div>Xu Han</div></span><div class="mailbox_signature">—<br>Sent from <a href="https://www.dropbox.com/mailbox">Mailbox</a> for iPhone</div>
<br><br><div class="gmail_quote"><p>On Fri, Jun 13, 2014 at 8:47 AM, Gordon Chung <span dir="ltr"><<a href="mailto:chungg@ca.ibm.com" target="_blank">chungg@ca.ibm.com</a>></span> wrote:<br></p><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<font size="2" face="sans-serif">></font><font size="2" color="#4f4f4f" face="sans-serif">
I'm hoping we can just ACK this approach, and get folks to start moving<br>
> patches through the clients to clean this all up.</font>
<br><br><font size="2" face="sans-serif">just an fyi, in pyCADF, we obfuscate
tokens similar to how credit cards are handled: by capturing a percentage
of leading and trailing characters and substituting the middle ie. </font><font size="2" color="#2f2f2f" face="sans-serif">"4724
xxxxxxxx 8478"</font><font size="2" face="sans-serif">. whatever we
decide here, i'm all for having a consistent way of masking and minimising
tokens in OpenStack.<br></font>
<br><font size="2" face="sans-serif">cheers,<br>
gordon chung<br>
openstack, ibm software standards</font>
</blockquote></div><br>