← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #18256

[Bug 1350000] [NEW] UUID is a more friendly default token provider than PKI

  Thread PreviousDate PreviousThread Next 
Public bug reported:

PKI has been the default token provider since Grizzly. Early in the
Grizzly development cycle, PKI was established as the default, primarily
to expose the implementation to a broad developer audience to work out
any issues. Issues were immediately discovered that prevented PKI from
becoming the default in production deployments, and that has been an
ongoing theme ever since. As of the Juno development cycle, there are
still unresolved issues that prevent PKI from being a reasonable
production choice. The following etherpad summarizes the Keystone
community's perspective on each technology:

  https://etherpad.openstack.org/p/pki-vs-uuid

This was also discussed in the July 29th keystone meeting:

http://eavesdrop.openstack.org/meetings/keystone/2014/keystone.2014-07-29-18.01.log.html

It therefore follows that UUID, or a variant thereof, should become the
default token provider for Juno.

** Affects: keystone
     Importance: Wishlist
     Assignee: Dolph Mathews (dolph)
         Status: Triaged

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1350000

Title:
  UUID is a more friendly default token provider than PKI

Status in OpenStack Identity (Keystone):
  Triaged

Bug description:
  PKI has been the default token provider since Grizzly. Early in the
  Grizzly development cycle, PKI was established as the default,
  primarily to expose the implementation to a broad developer audience
  to work out any issues. Issues were immediately discovered that
  prevented PKI from becoming the default in production deployments, and
  that has been an ongoing theme ever since. As of the Juno development
  cycle, there are still unresolved issues that prevent PKI from being a
  reasonable production choice. The following etherpad summarizes the
  Keystone community's perspective on each technology:

    https://etherpad.openstack.org/p/pki-vs-uuid

  This was also discussed in the July 29th keystone meeting:

  http://eavesdrop.openstack.org/meetings/keystone/2014/keystone.2014-07-29-18.01.log.html

  It therefore follows that UUID, or a variant thereof, should become
  the default token provider for Juno.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1350000/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next