Enhance PCI-DSS compliance documentation
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenStack Identity (keystone) |
Confirmed
|
Medium
|
John Dennis | ||
Bug Description
Keystone provides some documentation on PCI-DSS compliance but it's less than ideal if you're trying to answer the following questions:
* What are the PCI-DSS requirements?
* How does Keystone satisfy the requirements?
* What release did Keystone add support for a given requirement?
* How do you configure to meet the requirement?
You'll discover the information is (mostly) there but it's scattered across several documents, release notes, etc. It would be good to have one document that pulls all the information listed above into one location to serve as a focal point for those needing to understand PCI-DSS compliance.
I have written such a document. Rather than duplicate the information in the other documents it references the information via links where possible.
This bug is mostly to have something to reference for the Gerrit review for when the doc is submitted.
| Changed in keystone: | |
| assignee: | nobody → John Dennis (jdennis-a) |
| Changed in keystone: | |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| tags: | added: documentation pci |
| Lance Bragstad (lbragstad) wrote | #1 |
| Lance Bragstad (lbragstad) wrote | #2 |
This would be nice to have in Rocky, but since PCI-DSS support was implemented prior to Rocky this isn't an RC1 blocker.