[Openstack-security] [openstack/barbican-specs] SecurityImpact review request change I6022ef7d5a9cec34abed05cceb95e226b1133e56
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Tue Jan 20 15:26:15 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/147267
Log:
commit 3665e21b819f293df5afe902e484a8a026cd0d6b
Author: jfwood <john.wood at rackspace.com>
Date: Wed Jan 14 12:24:41 2015 -0600
Save order information on created secrets/containers
Currently there is no information stored on created secrets/containers
as to the order that was used to create them. It would be useful for
information such as the order's metadata to be available to clients
when created secrets or containers are retrieved. Also, there are some
SSL-related workflows involving existing certificate containers that
require information from the original order and order-plugin metadata.
For example, certificate reissue or revocation workflows require
information found only in the original order and plugin metadata such
as the original certificate authority (CA) order ID used to generate
the certificate (stored in order plugin metadata), or original contact
information (stored in order metadata). This blueprint proposes means
to store the information for later access.
APIImpact: Adds an 'order_ref' element to the orders resource response
DocImpact: Update orders resource doc to include 'order_ref'
SecurityImpact: Orders entities could be long-lived now
Change-Id: I6022ef7d5a9cec34abed05cceb95e226b1133e56
More information about the Openstack-security
mailing list