[Openstack-security] [openstack/barbican-specs] SecurityImpact review request change I6022ef7d5a9cec34abed05cceb95e226b1133e56
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Jan 20 15:35:27 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/147267
Log:
commit c87d980bd12c1571c3c335f1a05bd2f0cb2ad5fa
Author: jfwood <john.wood at rackspace.com>
Date: Wed Jan 14 12:24:41 2015 -0600
Save order information on created secrets/containers
Currently there is no information stored on created secrets/containers
as to the order that was used to create them. It would be useful for
information such as the order's metadata to be available to clients
when created secrets or containers are retrieved. Also, there are some
SSL-related workflows involving existing certificate containers that
require information from the original order and order-plugin metadata.
For example, certificate reissue or revocation workflows require
information found only in the original order and plugin metadata such
as the original certificate authority (CA) order ID used to generate
the certificate (stored in order plugin metadata), or original contact
information (stored in order metadata). This blueprint proposes means
to store the information for later access.
APIImpact: Adds an 'order_ref' element to the orders resource response
DocImpact: Update orders resource doc to include 'order_ref'
SecurityImpact: Orders entities could be long-lived now
Implements: blueprint save-order-info-on-created-secrets
Change-Id: I6022ef7d5a9cec34abed05cceb95e226b1133e56
More information about the Openstack-security
mailing list