Tristan, python-swiftclient that is used to interact with Swift doesn't use SSL (see https://github.com/openstack/trove/blob/24b1f25204ae0f3c149851e2b6275a39c4da6768/trove/common/remote.py#L148-L162) due to missing ca_cert attribute.
Actually, i don't think that it's threat since Trove uses MD5 to verify that income stream is not corrupted/modified. But i do agree about MD5 - it's already hacked, but as i can see SHA3 (Keccak) is not a part of Python standard lib. Thoughts?
Tristan, python-swiftclient that is used to interact with Swift doesn't use SSL (see https:/ /github. com/openstack/ trove/blob/ 24b1f25204ae0f3 c149851e2b6275a 39c4da6768/ trove/common/ remote. py#L148- L162) due to missing ca_cert attribute.
Actually, i don't think that it's threat since Trove uses MD5 to verify that income stream is not corrupted/modified. But i do agree about MD5 - it's already hacked, but as i can see SHA3 (Keccak) is not a part of Python standard lib. Thoughts?