Enhance PCI-DSS compliance documentation

Bug #1776541 reported by John Dennis on 2018-06-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
John Dennis

Bug Description

Keystone provides some documentation on PCI-DSS compliance but it's less than ideal if you're trying to answer the following questions:

* What are the PCI-DSS requirements?
* How does Keystone satisfy the requirements?
* What release did Keystone add support for a given requirement?
* How do you configure to meet the requirement?

You'll discover the information is (mostly) there but it's scattered across several documents, release notes, etc. It would be good to have one document that pulls all the information listed above into one location to serve as a focal point for those needing to understand PCI-DSS compliance.

I have written such a document. Rather than duplicate the information in the other documents it references the information via links where possible.

This bug is mostly to have something to reference for the Gerrit review for when the doc is submitted.

John Dennis (jdennis-a) on 2018-06-12
Changed in keystone:
assignee: nobody → John Dennis (jdennis-a)
Colleen Murphy (krinkle) on 2018-06-15
Changed in keystone:
status: New → Confirmed
importance: Undecided → Medium
tags: added: documentation pci
Lance Bragstad (lbragstad) wrote :

This would be nice to have in Rocky, but since PCI-DSS support was implemented prior to Rocky this isn't an RC1 blocker.

Lance Bragstad (lbragstad) wrote :

John, can we propose the original document you wrote for review [0]?

[0] https://github.com/jdennis/documentation/blob/master/openstack/keystone/pci-dss-notes.rst

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers