[openstack-dev] Message level security plans.

Kelsey, Timothy Joh tim.kelsey at hp.com
Thu Jun 12 15:31:51 UTC 2014

Thanks for the info Matt, I guess I should have been clearer about what I
was asking. I was indeed referring to the trusted RPC messaging proposal
you linked. Im keen to find out whats happening with that and where I can

Tim Kelsey
Cloud Security Engineer
HP Helion

On 12/06/2014 16:22, "Matt Riedemann" <mriedem at linux.vnet.ibm.com> wrote:

>On 6/12/2014 10:08 AM, Kelsey, Timothy Joh wrote:
>> Hello OpenStack folks,
>> First please allow me to introduce myself, my name is Tim Kelsey and
>>I¹m a security developer working at HP. I am very interested in projects
>>like Kite and the work that¹s being undertaken to introduce message
>>level security into OpenStack and would love to help out on that front.
>>In an effort to ascertain the current state of development it would be
>>great to hear from the people who are involved in this and find out
>>what's being worked on or planned in blueprints.
>> Many Thanks,
>> --
>> Tim Kelsey
>> Cloud Security Engineer
>> HP Helion
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>Are you talking about log messages or RPC messages?  For log messages,
>there is a thread that started yesterday on masking auth tokens [1].
>If RPC, I'm aware of at least one issue filed against Qpid [2] for
>allowing a way to tell Qpid not to log a message since it might contain
>sensitive information (like auth tokens).
>Looks like there is also an older blueprint for trusted messaging here
>[2] https://issues.apache.org/jira/browse/QPID-5772
>Matt Riedemann
>OpenStack-dev mailing list
>OpenStack-dev at lists.openstack.org

More information about the OpenStack-dev mailing list