So, for Keystone:
* keystone/common/bufferedhttp.py is apparently used nowhere ?
* keystone/middleware/{s3,ec2}_token.py seem to use HTTPSConnection for a server-to-server request (in most cases connecting to the same host)
I suspect most of the others will be in the same case (servers making HTTPS connections to other local servers) so the MiM risk is limited. To give another data point, most Swift internal server-to-server communications are not even encrypted.
So, for Keystone: common/ bufferedhttp. py is apparently used nowhere ? middleware/ {s3,ec2} _token. py seem to use HTTPSConnection for a server-to-server request (in most cases connecting to the same host)
* keystone/
* keystone/
I suspect most of the others will be in the same case (servers making HTTPS connections to other local servers) so the MiM risk is limited. To give another data point, most Swift internal server-to-server communications are not even encrypted.