[Openstack-security] [openstack/nova-specs] SecurityImpact review request change I98dac99ba1c13825a56f386a48ee2ebe76b8947a
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Sat Mar 4 02:21:55 UTC 2017
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/441538
Log:
commit 083cdecab2e59ecaa5ab7e664516f1c7a18da7d6
Author: Peter Hamilton <peter.hamilton at jhuapl.edu>
Date: Fri Mar 3 21:17:27 2017 -0500
Add support for certificate validation
This spec describes changes that would allow Nova to perform
certificate validation when verifying Glance image signatures.
While image signing ensures that image data is obtained
unmodified from Glance, it does not prevent an attacker from
uploading and signing a malicious image. The addition of
Nova API changes allows Nova users to control the certificates
which are allowed to sign images.
This spec describes work related to image verification. For
more information, see: https://review.openstack.org/#/c/343654
For more information on past revisions and discussions on this
spec, see: https://review.openstack.org/#/c/357151
SecurityImpact
DocImpact
Change-Id: I98dac99ba1c13825a56f386a48ee2ebe76b8947a
More information about the Openstack-security
mailing list