On 6/12/2014 10:08 AM, Kelsey, Timothy Joh wrote:
Hello OpenStack folks, First please allow me to introduce myself, my name is Tim Kelsey and I’m a security developer working at HP. I am very interested in projects like Kite and the work that’s being undertaken to introduce message level security into OpenStack and would love to help out on that front. In an effort to ascertain the current state of development it would be great to hear from the people who are involved in this and find out what's being worked on or planned in blueprints. Many Thanks, -- Tim Kelsey Cloud Security Engineer HP Helion _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Are you talking about log messages or RPC messages? For log messages, there is a thread that started yesterday on masking auth tokens [1].
If RPC, I'm aware of at least one issue filed against Qpid [2] for allowing a way to tell Qpid not to log a message since it might contain sensitive information (like auth tokens).
Looks like there is also an older blueprint for trusted messaging here [3]. [1] http://lists.openstack.org/pipermail/openstack-dev/2014-June/037345.html [2] https://issues.apache.org/jira/browse/QPID-5772 [3] https://blueprints.launchpad.net/oslo.messaging/+spec/trusted-messaging -- Thanks, Matt Riedemann _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
