Security checklist should ensure that PKI tokens aren't used with an insecure hashing algorithm
Bug #1820813 reported by
Chris MacNaughton
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Keystone Charm |
Fix Released
|
Undecided
|
Chris MacNaughton |
Bug Description
The charm should configure the token hashing algorithm to use SHA256 per the OpenStack Security Guide[1] and then validate it with the action.
Changed in charm-keystone: | |
milestone: | none → 19.04 |
Changed in charm-keystone: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Support for PKI tokens was removed from the charms in the 18.08 release. Would not the fact that we do not support PKI tokens give us a green light for that bullet?