yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1578466] [NEW] keystone token cache should offer encryption like the middleware cache does

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Matt Fischer <matt@xxxxxxxxxxxxxxx>
Date: Thu, 05 May 2016 03:14:06 -0000
Reply-to: Bug 1578466 <1578466@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Keystone middleware's caching of tokens offers HMAC validation and
encryption of the tokens in the cache. This is important because
memcache has literally zero authentication or protection from any user
on the system.  So this feature should be ported in from keystone
middleware into keystone.

** Affects: keystone
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1578466

Title:
  keystone token cache should offer encryption like the middleware cache
  does

Status in OpenStack Identity (keystone):
  New

Bug description:
  Keystone middleware's caching of tokens offers HMAC validation and
  encryption of the tokens in the cache. This is important because
  memcache has literally zero authentication or protection from any user
  on the system.  So this feature should be ported in from keystone
  middleware into keystone.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1578466/+subscriptions

Follow ups

[Bug 1578466] Re: keystone token cache should offer encryption like the middleware cache does
From: Morgan Fainberg, 2018-06-03