Comment 4 for bug 1253823

Looking at the current Keystone code, UUID tokens are generated using uuid.uuid4() and not uuid1(). Same with all supported versions of Keystone (and Folsom, too).

I think this paragraph """

The Identity service could alternatively be configured to provide UUID tokens which are significantly shorter but may be less secure depending on your specific deployment model. Decisions about token implementation should take into consideration the level of trust needed within a given security domain.

"""

should be removed, since the token format is not relevant from a security perspective.