I'm good with treating this as a hardening opportunity, and I also don't think an embargo is warranted. I think the mitigation will be in Keystone as that is where the field is defined [1] but we would probably need some client side validation within Horizon as well.
I'm good with treating this as a hardening opportunity, and I also don't think an embargo is warranted. I think the mitigation will be in Keystone as that is where the field is defined [1] but we would probably need some client side validation within Horizon as well.
/ Dave
[1]: https:/ /opendev. org/openstack/ keystone/ src/branch/ master/ keystone/ common/ validation/ parameter_ types.py# L54-L56