Keystone Private Key not securely sent to host
Bug #1401300 reported by
Gregory Haynes
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Expired
|
Undecided
|
Unassigned |
Bug Description
We now use heat + oac to send the keystone ssl key to the keystone host. This is not a secure communication channel and leaves the key permanently stored in bothe the heat database and available via the cfn api.
Changed in tripleo: | |
assignee: | nobody → Gregory Haynes (greghaynes) |
Changed in tripleo: | |
assignee: | Gregory Haynes (greghaynes) → nobody |
Changed in tripleo: | |
importance: | Critical → High |
To post a comment you must log in.
11:17 < greghaynes> ok, I can take on assessing it since im pretty familiar with whats going on
Proof he wants this. ;)