openstack team mailing list archive

Thread
Date

Re: Keystone: 'PKI Signed Tokens' lack support for revocation

To: openstack@xxxxxxxxxxxxxxxxxxx
From: Adam Young <ayoung@xxxxxxxxxx>
Date: Tue, 07 Aug 2012 10:09:15 -0400
In-reply-to: <71BD4F07-1B97-46E4-BF67-08BB8B765A5B@internap.com>
User-agent: Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20110930 Thunderbird/7.0.1

On 08/01/2012 09:19 PM, Maru Newby wrote:

I see that support for PKI Signed Tokens has been added to Keystonewithout support for token revocation. I tried to raise this issue onthe bug report:
https://bugs.launchpad.net/keystone/+bug/1003962/comments/4

And the review:

https://review.openstack.org/#/c/7754/
I'm curious as to whether anybody shares my concern and if there is aspecific reason why nobody responded to my question as to whyrevocation is not required for this new token scheme. Anybody?

I have written up a blueprint for PKI token revocation. Please providefeedback.



https://blueprints.launchpad.net/keystone/+spec/pki-revoke


Thanks,


Maru




_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

Follow ups

Re: Keystone: 'PKI Signed Tokens' lack support for revocation
From: Maru Newby, 2012-08-09

References

Keystone: 'PKI Signed Tokens' lack support for revocation
From: Maru Newby, 2012-08-02