With regard to: https://blueprints.launchpad.net/keystone/+spec/key-distribution-server During today's project status meeting [1], the state of KDS was discussed [2]. To quote ttx directly: "we've been bitten in the past with late security-sensitive stuff" and "I'm a bit worried to ship late code with such security implications as a KDS." I share the same concern, especially considering the API only recently went up for formal review [3], and the WIP implementation is still failing smokestack [4]. I'm happy to see the reviews in question continue to receive their fair share of attention over the next few weeks, but can (and should?) merging be delayed until icehouse while more security-focused eyes have time to review the code? Ceilometer and nova would both be affected by a delay, as both have use cases for consuming trusted messaging [5] (a dependency of the bp in question). Thanks for you feedback! [1]: http://eavesdrop.openstack.org/irclogs/%23openstack-meeting/%23openstack-meeting.2013-08-13.log [2]: http://paste.openstack.org/raw/44075/ [3]: https://review.openstack.org/#/c/40692/ [4]: https://review.openstack.org/#/c/37118/ [5]: https://blueprints.launchpad.net/oslo/+spec/trusted-messaging -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130813/52f96776/attachment.html>