[openstack-dev] [TripleO] Haproxy configuration options
Robert Collins
robertc at robertcollins.net
Mon May 26 07:28:40 UTC 2014
On 26 May 2014 17:20, Gregory Haynes <greg at greghaynes.net> wrote:
> One other, separate issue with letting external SSL pass through to your
> backends has to do with security: Your app servers (or in our case
> control nodes) generally have a larger attack surface and are more
> distributed than your load balancers (or an SSL endpoint placed in front
> of them). Additionally, compromise of an external-facing SSL cert is far
> worse than an internal-only SSL cert which could be made backend-server
> specific.
>
> I agree that re-encryption is not useful with our current setup, though:
> It would occur on a control node which removes the security benefits (I
> still wanted to make sure this point is made :)).
We should capture that nuance in the spec, and in the (related)
multiple-hypervisors-for-deployments spec where I pointed out similar
security concerns earlier today.
-Rob
--
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud