Enhance PCI-DSS compliance documentation

Bug #1776541 reported by John Dennis
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Confirmed
Medium
John Dennis

Bug Description

Keystone provides some documentation on PCI-DSS compliance but it's less than ideal if you're trying to answer the following questions:

* What are the PCI-DSS requirements?
* How does Keystone satisfy the requirements?
* What release did Keystone add support for a given requirement?
* How do you configure to meet the requirement?

You'll discover the information is (mostly) there but it's scattered across several documents, release notes, etc. It would be good to have one document that pulls all the information listed above into one location to serve as a focal point for those needing to understand PCI-DSS compliance.

I have written such a document. Rather than duplicate the information in the other documents it references the information via links where possible.

This bug is mostly to have something to reference for the Gerrit review for when the doc is submitted.

John Dennis (jdennis-a)
Changed in keystone:
assignee: nobody → John Dennis (jdennis-a)
Colleen Murphy (krinkle)
Changed in keystone:
status: New → Confirmed
importance: Undecided → Medium
tags: added: documentation pci
Revision history for this message
Lance Bragstad (lbragstad) wrote :

This would be nice to have in Rocky, but since PCI-DSS support was implemented prior to Rocky this isn't an RC1 blocker.

Revision history for this message
Lance Bragstad (lbragstad) wrote :

John, can we propose the original document you wrote for review [0]?

[0] https://github.com/jdennis/documentation/blob/master/openstack/keystone/pci-dss-notes.rst

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.