[Openstack-security] [Bug 1578466] Re: keystone token cache should offer encryption like the middleware cache does
Steve Martinelli
1578466 at bugs.launchpad.net
Tue Nov 15 16:04:35 UTC 2016
** Tags added: caching
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1578466
Title:
keystone token cache should offer encryption like the middleware cache
does
Status in OpenStack Identity (keystone):
Triaged
Bug description:
Keystone middleware's caching of tokens offers HMAC validation and
encryption of the tokens in the cache. This is important because
memcache has literally zero authentication or protection from any user
on the system. So this feature should be ported in from keystone
middleware into keystone.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1578466/+subscriptions
More information about the Openstack-security
mailing list