I think Pecan is going to be used for API services in the future, moving away from eventlet I guess: https://wiki.openstack.org/wiki/PecanStackForgeTransition I'm looking into the crypto stuff now. > -----Original Message----- > From: Jeffrey Walton [mailto:noloader at gmail.com] > Sent: 08 January 2014 00:38 > To: Clark, Robert Graham > Subject: Fwd: [Openstack-security] [openstack/keystone] > SecurityImpact review request change > I4dbd23adb0bdd9011eb9a0b45e30dd862d390473 > > If there is a util.crypto (I think that's what its called), why is > pecan.request.crypto.encrypt being used to encrypt and sign? Why is > another crypto library being used? Has anyone reviewed > pecan.request.crypto? > > > ---------- Forwarded message ---------- > From: <gerrit2 at review.openstack.org> > Date: Tue, Jan 7, 2014 at 7:08 PM > Subject: [Openstack-security] [openstack/keystone] SecurityImpact > review request change > I4dbd23adb0bdd9011eb9a0b45e30dd862d390473 > To: openstack-security at lists.openstack.org > > > > Hi, I'd like you to take a look at this patch for potential > SecurityImpact. > https://review.openstack.org/59604 > > Log: > commit b47a174dee6154777fce4df6314c1baaa9186bc2 > Author: Jamie Lennox <jamielennox at redhat.com> > Date: Tue Dec 3 12:33:28 2013 +1000 > > Add ticket handling to KDS > > Adds creation of tickets to transmit communication keys between > peers. > > SecurityImpact > blueprint: key-distribution-server > Change-Id: I4dbd23adb0bdd9011eb9a0b45e30dd862d390473 > > > _______________________________________________ > Openstack-security mailing list > Openstack-security at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6187 bytes Desc: not available URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140108/58633566/attachment.bin>