On Mon, Jul 30, 2012 at 5:48 PM, Adam Young <ayo...@redhat.com> wrote:
> On 07/30/2012 06:00 PM, Doug Hellmann wrote: > > > > On Mon, Jul 30, 2012 at 5:30 PM, Adam Young <ayo...@redhat.com> wrote: > >> On 07/30/2012 05:17 PM, Kevin L. Mitchell wrote: >> >>> On Mon, 2012-07-30 at 13:50 -0700, Bhuvaneswaran A wrote: >>> >>>> The wiki mentions the password being saved using >>>>> keyring.backend.UncryptedFileKeyring. Does that mean the password is >>>>> >>>> saved >>>> >>>>> in cleartext? Is the file protected in some way besides filesystem >>>>> permissions? >>>>> >>>> As mentioned in wiki page, the password is stored in base64 format. >>>> >>> Which means it's stored in cleartext. That is Not Good(tm) :) >>> >> Can Keyring be used to store a token instead? That would A) be better >> than password and B) avoid a Keystone hit. > > > Don't tokens expire? > > > > Yes, they do, but that is no reason not to put them in the keyring, > > With the PKI tokens, you will be able to query a token's expiry without > going across the wire. > Adam, can you please file a ticket to use keyring to store tokens for keystone? I'll work on it. -- Regards, Bhuvaneswaran A www.livecipher.com
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp