I’ve come across a use case for allowing dynamic keys to be made
secret. The hardcoded list is good for common keys, but there will be
cases where masking a custom value is useful without having to add it
to the hardcoded list.
I propose we add an optional parameter that is a list of secret_keys
whose values will be masked.
There is concern that this will lead to differing levels of security.
But I disagree as either the message will be masked before passing on
or mask_password will be called. In this case the developer should be
aware of the incoming data and manually mask it.
Keeping with a hardcoded list discourages use of the function.
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to