Secure keystone usage of memcached
Bug #1753925 reported by
Juan Antonio Osorio Robles
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Invalid
|
High
|
Unassigned |
Bug Description
Currently keystone's usage of memcached if configured with a minimal working configuration. This is fine for regular deployments, however, it doesn't use the best security practices we could be using.
Keystone has the in-built ability to encrypt what it stores in the cache as specified in the documentation [1].
At a minimum we should be authenticating the data we get from the cache. Ideally we should be encrypting it.
[1] https:/
Changed in tripleo: | |
milestone: | rocky-1 → rocky-2 |
To post a comment you must log in.
We don't configure keystone to use memcached. So this is not a bug.