UUID is a more friendly default token provider than PKI
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Wishlist
|
Morgan Fainberg |
Bug Description
PKI has been the default token provider since Grizzly. Early in the Grizzly development cycle, PKI was established as the default, primarily to expose the implementation to a broad developer audience to work out any issues. Issues were immediately discovered that prevented PKI from becoming the default in production deployments, and that has been an ongoing theme ever since. As of the Juno development cycle, there are still unresolved issues that prevent PKI from being a reasonable production choice. The following etherpad summarizes the Keystone community's perspective on each technology:
https:/
This was also discussed in the July 29th keystone meeting:
http://
It therefore follows that UUID, or a variant thereof, should become the default token provider for Juno.
tags: | added: user-experience |
Changed in keystone: | |
assignee: | Dolph Mathews (dolph) → Morgan Fainberg (mdrnstm) |
tags: | added: pki |
Changed in keystone: | |
milestone: | juno-3 → juno-rc1 |
Changed in keystone: | |
status: | Fix Committed → Fix Released |
Changed in keystone: | |
milestone: | juno-rc1 → 2014.2 |
Fix proposed to branch: master /review. openstack. org/110488
Review: https:/