On 04/22/2015 02:38 PM, Clay Gerrard wrote:
I thought the default token lifetime was 24 hours, it's curious they
only last 1hr for you.
We cut the default time down to an hour. 24 hours is s huge attack
surface. I'd like to make tokens 5 minutes long, with all longer
operations done using some form of delegation (Trust, OAuth etc).
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
