yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1776541] [NEW] Enhance PCI-DSS compliance documentation

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: John Dennis <jdennis@xxxxxxxxxx>
Date: Tue, 12 Jun 2018 17:54:35 -0000
Reply-to: Bug 1776541 <1776541@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Keystone provides some documentation on PCI-DSS compliance but it's less
than ideal if you're trying to answer the following questions:

* What are the PCI-DSS requirements?
* How does Keystone satisfy the requirements?
* What release did Keystone add support for a given requirement?
* How do you configure to meet the requirement?

You'll discover the information is (mostly) there but it's scattered
across several documents, release notes, etc. It would be good to have
one document that pulls all the information listed above into one
location to serve as a focal point for those needing to understand PCI-
DSS compliance.

I have written such a document. Rather than duplicate the information in
the other documents it references the information via links where
possible.

This bug is mostly to have something to reference for the Gerrit review
for when the doc is submitted.

** Affects: keystone
     Importance: Undecided
     Assignee: John Dennis (jdennis-a)
         Status: New

** Changed in: keystone
     Assignee: (unassigned) => John Dennis (jdennis-a)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1776541

Title:
  Enhance PCI-DSS compliance documentation

Status in OpenStack Identity (keystone):
  New

Bug description:
  Keystone provides some documentation on PCI-DSS compliance but it's
  less than ideal if you're trying to answer the following questions:

  * What are the PCI-DSS requirements?
  * How does Keystone satisfy the requirements?
  * What release did Keystone add support for a given requirement?
  * How do you configure to meet the requirement?

  You'll discover the information is (mostly) there but it's scattered
  across several documents, release notes, etc. It would be good to have
  one document that pulls all the information listed above into one
  location to serve as a focal point for those needing to understand
  PCI-DSS compliance.

  I have written such a document. Rather than duplicate the information
  in the other documents it references the information via links where
  possible.

  This bug is mostly to have something to reference for the Gerrit
  review for when the doc is submitted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1776541/+subscriptions