[Openstack] State of OpenStack Auth

Greg gholt at rackspace.com
Thu Mar 3 15:40:59 UTC 2011


On Mar 2, 2011, at 8:30 PM, Jesse Andrews wrote:

> I would prefer a signature based approach as the default (as signatures limits replay attacks; tokens allow an eavesdropper to make arbitrary requests if they obtain a token).

On the other hand, signatures make simple things difficult, such as quick curl requests, dev testing, etc. The usual tradeoff of security and convenience.



More information about the Openstack mailing list