[Openstack-security] [Bug 1578466] Re: oslo.cache should offer encryption in a similar manner to keystonemiddleware cache
Lance Bragstad
lbragstad at gmail.com
Fri Aug 30 13:27:25 UTC 2019
** Summary changed:
- cache should offer encryption in a similar manner to keystonemiddleware cache does
+ oslo.cache should offer encryption in a similar manner to keystonemiddleware cache
** Summary changed:
- oslo.cache should offer encryption in a similar manner to keystonemiddleware cache
+ oslo.cache should offer encryption in a similar manner to keystonemiddleware
--
You received this bug notification because you are a member of OpenStack
Security SIG, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1578466
Title:
oslo.cache should offer encryption in a similar manner to
keystonemiddleware
Status in OpenStack Identity (keystone):
Won't Fix
Status in oslo.cache:
Confirmed
Bug description:
Keystone middleware's caching of tokens offers HMAC validation and
encryption of the tokens in the cache. This is important because
memcache has literally zero authentication or protection from any user
on the system. So this feature should be ported in from keystone
middleware into keystone.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1578466/+subscriptions
More information about the Openstack-security
mailing list