Comment 13 for bug 1287301

Very good points raised here.

I think this is going to come down to a decision to be made by the deployer - do I use token caching and for how long?

Secure deployments will likely not use caching, deployments with moderate requirements might want to use a shorter cache life and isolated or low risk clouds may even use longer life caches.

Personally I think there's good grounds here for not only an OSSN but also an entry in the OpenStack Security Guide, discussing the tradeoff and possible compensating controls/procedures.