Comment 1 for bug 1071865

I'm adding Keystone to this just to make sure that the impact of the change from UUID to PKI tokens by default in Keystone gets tracked.

Thus far, the discussion on resolving this is tending towards enabling token handling via the hash of the token rather than/in addition to the full PKI-signed token ID.