yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1350000] Re: UUID is a more friendly default token provider than PKI

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Tue, 30 Sep 2014 07:09:28 -0000
Reply-to: Bug 1350000 <1350000@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1350000

Title:
  UUID is a more friendly default token provider than PKI

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  PKI has been the default token provider since Grizzly. Early in the
  Grizzly development cycle, PKI was established as the default,
  primarily to expose the implementation to a broad developer audience
  to work out any issues. Issues were immediately discovered that
  prevented PKI from becoming the default in production deployments, and
  that has been an ongoing theme ever since. As of the Juno development
  cycle, there are still unresolved issues that prevent PKI from being a
  reasonable production choice. The following etherpad summarizes the
  Keystone community's perspective on each technology:

    https://etherpad.openstack.org/p/pki-vs-uuid

  This was also discussed in the July 29th keystone meeting:

  http://eavesdrop.openstack.org/meetings/keystone/2014/keystone.2014-07-29-18.01.log.html

  It therefore follows that UUID, or a variant thereof, should become
  the default token provider for Juno.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1350000/+subscriptions

References

[Bug 1350000] [NEW] UUID is a more friendly default token provider than PKI
From: Dolph Mathews, 2014-07-29