Secure keystone usage of memcached
Bug #1753925 reported by
Juan Antonio Osorio Robles
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| tripleo |
Invalid
|
High
|
Unassigned | ||
Bug Description
Currently keystone's usage of memcached if configured with a minimal working configuration. This is fine for regular deployments, however, it doesn't use the best security practices we could be using.
Keystone has the in-built ability to encrypt what it stores in the cache as specified in the documentation [1].
At a minimum we should be authenticating the data we get from the cache. Ideally we should be encrypting it.
[1] https:/
| Changed in tripleo: | |
| milestone: | rocky-1 → rocky-2 |
Revision history for this message
| Juan Antonio Osorio Robles (juan-osorio-robles) wrote | #1 |
| Changed in tripleo: | |
| status: | Triaged → Invalid |
To post a comment you must log in.
We don't configure keystone to use memcached. So this is not a bug.