[Openstack] State of OpenStack Auth

Michael Mayo mike at openstack.org
Fri Mar 4 01:39:49 UTC 2011

>> It depends.  If you're in a busy area of a big city with 1 bar of EDGE coverage on your phone, latency becomes your biggest connectivity issue.  So if you're only doing something with the API every 24 hours, auth could reasonably be close to 50% of the time you stare in frustration cursing your carrier.
> I think this is a good reason to support both token and request signing. Token works wonderfully for multi-request apps, simplistic curl-type tools, and dev work. Signing works great for infrequent requests and slow links and apps that want that extra bit of security or that have to work over plain text links.

I agree with you, because the end result is giving developers a way to offer end users an optimal experience (which is only needing one request).

More information about the Openstack mailing list