<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Apologies for the internal URLs on
this, as It is a cut and past of a page I am using to try and link
all of our resources regarding Keystone together.<br>
<br>
The one URL that might cause some interest is on the RHIdM and
Open Stack integration paper. This is very much a brainstorming
document for a talk that has been proposed for the Red Hat
Summit. Treat it as a teaser for the talk: if you want to know
more, sign up for the RH summit and hope that the talk gets
selected.<br>
<br>
I'll try to provide a more concise summary in the future. The
short of it is that we are in the middle of a development push,
and a lot of things are in flux. The driving goals are to make
Keystone as solid as possible, and to provide an Identity
Management solution in in Open Stack that ties in with the rest of
the organizations deploying Open Stack. The main themes are
better support for:cryptography, LDAP, grouping of users, and
delegation of authority.<br>
<br>
<br>
On 01/14/2013 03:35 PM, Adam Young wrote:<br>
</div>
<blockquote cite="mid:50F46BF8.6030007@redhat.com" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<div class="ace-line" id="magicdomid406"><span
class="author-p-12554">Current status For Red Hat Open Stack
Keystone as of Jan 14, 2012</span></div>
<div class="" id="magicdomid3"><span class="author-p-12554">maintained
Here: <a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://openstack.etherpad.corp.redhat.com/keystone">http://openstack.etherpad.corp.redhat.com/keystone</a></span></div>
<div class="" id="magicdomid4"><br>
</div>
<div class="ace-line" id="magicdomid183"><span
class="author-p-12554">Keystone Upstream Core Devs:</span></div>
<div class="" id="magicdomid6"><br>
</div>
<div class="ace-line" id="magicdomid144"><span
class="author-p-12554">Joe Heck ( will be stepping down as
PTL).</span></div>
<div class="" id="magicdomid8"><span class="author-p-12554">Dolph
Matthews poised to take PTL</span></div>
<div class="" id="magicdomid9"><span class="author-p-12554">Henry
Nash (IBM) </span></div>
<div class="ace-line" id="magicdomid184"><span
class="author-p-12554">Guang Yee (HP) </span></div>
<div class="ace-line" id="magicdomid194"><span
class="author-p-12554">Adam Young</span></div>
<div class="ace-line" id="magicdomid713"><br>
</div>
<div class="ace-line" id="magicdomid815"><span
class="author-p-12554">Things are looking to move faster with
2 new core devs. THey hyave been both active in code reviews.</span></div>
<div class="" id="magicdomid11"><br>
</div>
<div class="" id="magicdomid12"><span class="author-p-12554">Not
Core but Active:</span></div>
<div class="" id="magicdomid13"><span class="author-p-12554"> David
Chadwick (Univ. of Kent)</span></div>
<div class="" id="magicdomid14"><span class="author-p-12554"> Kristy
Sui (Univ. of Kent)</span></div>
<div class="ace-line" id="magicdomid639"><br>
</div>
<div class="ace-line" id="magicdomid1100"><span
class="author-p-12554">Brad Topol and K. Sahdev from IBM
are going to start on LDAP work, to include Backlog item of
supporting LDAP in Devstack</span></div>
<div class="" id="magicdomid15"><br>
</div>
<div class="ace-line" id="magicdomid208"><span
class="author-p-12554">Current Development: G-2 interim
release out last week.</span></div>
<div class="" id="magicdomid17"><br>
</div>
<div class="ace-line" id="magicdomid704"><br>
</div>
<div class="" id="magicdomid22">
<ul class="list-bullet1">
<li><span class="author-p-12554">Trusts (ayoung) Have been
posted as a Work In Progress. Won't be in G-2</span></li>
</ul>
</div>
<div class="" id="magicdomid23">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/18973/">https://review.openstack.org/#/c/18973/</a></span></li>
</ul>
</div>
<div class="" id="magicdomid24">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="http://wiki.openstack.org/Keystone/Trusts">http://wiki.openstack.org/Keystone/Trusts</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid351">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://blueprints.launchpad.net/keystone/+spec/trusts">https://blueprints.launchpad.net/keystone/+spec/trusts</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid444">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://bugzilla.redhat.com/show_bug.cgi?id=894925">https://bugzilla.redhat.com/show_bug.cgi?id=894925</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid547">
<ul class="list-bullet1">
<li><span class="author-p-12554">Defining Proejct membership
to mean role assignment:</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid584">
<ul class="list-bullet2">
<li><span class="author-p-12554">Discovered as an Issue with
the V3 API</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid585">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://blueprints.launchpad.net/keystone/+spec/replace-tenant-user-membership">https://blueprints.launchpad.net/keystone/+spec/replace-tenant-user-membership</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid637">
<ul class="list-bullet2">
<li><span class="author-p-12554">Trusts dependant on
implementing</span></li>
</ul>
</div>
<div class="" id="magicdomid26">
<ul class="list-bullet1">
<li><span class="author-p-12554">Scoping a token to a Domain</span></li>
</ul>
</div>
<div class="" id="magicdomid27">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://blueprints.launchpad.net/openstack/?searchtext=domain-scoping">https://blueprints.launchpad.net/openstack/?searchtext=domain-scoping</a></span></li>
</ul>
</div>
<div class="" id="magicdomid28">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/18770/">https://review.openstack.org/#/c/18770/</a></span></li>
</ul>
</div>
<div class="" id="magicdomid29">
<ul class="list-bullet2">
<li><span class="author-p-12554">This needs to be followed
with "Scoping a token to an Endpoint"</span></li>
</ul>
</div>
<div class="" id="magicdomid30">
<ul class="list-bullet1">
<li><span class="author-p-12554">Discussion about whether to
allow a token scoped to multiple projects</span></li>
</ul>
</div>
<div class="" id="magicdomid31">
<ul class="list-bullet2">
<li><span class="author-p-12554">My view: should be allowed,
but not the norm, and used only for use cases invloving
transferring resources between projects.</span></li>
</ul>
</div>
<div class="" id="magicdomid32">
<ul class="list-bullet2">
<li><span class="author-p-12554">Would change auth_token
behaviour if allowed.</span></li>
</ul>
</div>
<div class="" id="magicdomid33">
<ul class="list-bullet1">
<li><span class="author-p-12554">Test Keystone again</span><span
class="author-p-12534">st</span><span
class="author-p-12554"> Live SQL Posted for a review</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid211">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/18519/">https://review.openstack.org/#/c/18519/</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid292">
<ul class="list-bullet2">
<li><span class="author-p-12554">This is only for SQL Upgrade
tests</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid358">
<ul class="list-bullet2">
<li><span class="author-p-12554">going to require additional
work for the real Unit tests due to how DB schema is
managed</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid362">
<ul class="list-bullet1">
<li><span class="author-p-12554"> Enhance wsgi to listen on
ipv6 address</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid367">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/19400/">https://review.openstack.org/#/c/19400/</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid388">
<ul class="list-bullet1">
<li><span class="author-p-12554">Better SSL support</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid393">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/19562/">https://review.openstack.org/#/c/19562/</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid399">
<ul class="list-bullet1">
<li><span class="author-p-12554">Limit the size of HTTP
requests.</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid403">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/19567/1">https://review.openstack.org/#/c/19567/1</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid415">
<ul class="list-bullet1">
<li><span class="author-p-12554">Stable: Render content-type
appropriate 404 (bug 1089987)</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid440">
<ul class="list-bullet2">
<li><span class="author-p-12554">Needs stable reviewers </span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid443">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/18049/">https://review.openstack.org/#/c/18049/</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid638"><br>
</div>
<div class="" id="magicdomid37"><br>
</div>
<div class="" id="magicdomid38"><span class="author-p-12554">Some
discussion about doing things via User names and Project
names. All have identitified that it would be preferable,
but we need to make sure names are URL ready.</span></div>
<div class="" id="magicdomid39"><br>
</div>
<div class="" id="magicdomid40"><span class="author-p-12554">Keystone</span><span
class="author-p-12534"> upstream</span><span
class="author-p-12554"> team meeting (follows immediatly after
RH OS Team meeting)</span></div>
<div class="" id="magicdomid41">
<ul class="list-bullet2">
<li><span class="author-p-12554">Weekly - Tuesdays at 1800 UTC
for ~45 minutes </span></li>
</ul>
</div>
<div class="" id="magicdomid42">
<ul class="list-bullet2">
<li><span class="author-p-12554">IRC channel:
#openstack-meeting </span></li>
</ul>
</div>
<div class="" id="magicdomid43">
<ul class="list-bullet2">
<li><span class="author-p-12554">Chair (to contact for more
information): Joseph Heck </span></li>
</ul>
</div>
<div class="" id="magicdomid44">
<ul class="list-bullet2">
<li><span class="author-p-12554">Agenda </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="http://wiki.openstack.org/Meetings/KeystoneMeeting">http://wiki.openstack.org/Meetings/KeystoneMeeting</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid824"><br>
</div>
<div class="" id="magicdomid45"><br>
</div>
<div class="ace-line" id="magicdomid860"><span
class="author-p-12554">Red Hat Open Stack status</span></div>
<div class="ace-line" id="magicdomid861"><br>
</div>
<div class="ace-line" id="magicdomid951"><span
class="author-p-12554">Responded to Call for Papers with a
FreeIPA/Open Stack integration proposal</span></div>
<div class="ace-line" id="magicdomid954"><span
class="author-p-12554">Summit talk: </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="http://etherpad.corp.redhat.com/IdMOpenStack">http://etherpad.corp.redhat.com/IdMOpenStack</a></span></div>
<div class="" id="magicdomid47"><br>
</div>
<div class="" id="magicdomid48"><span class="author-p-12554">RH
Members:</span></div>
<div class="" id="magicdomid49">
<ul class="list-bullet1">
<li><span class="author-p-12554">Adam Young </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://home.corp.redhat.com/user/ayoung">https://home.corp.redhat.com/user/ayoung</a></span></li>
</ul>
</div>
<div class="" id="magicdomid50">
<ul class="list-bullet1">
<li><span class="author-p-12554">Alan Pevec </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://home.corp.redhat.com/user/apevec">https://home.corp.redhat.com/user/apevec</a></span></li>
</ul>
</div>
<div class="" id="magicdomid51"><br>
</div>
<div class="" id="magicdomid52"><span class="author-p-12554">Potential
Members:</span></div>
<div class="" id="magicdomid53">
<ul class="list-bullet1">
<li><span class="author-p-12554">Kurt Seifried </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://home.corp.redhat.com/user/kseifrie">https://home.corp.redhat.com/user/kseifrie</a></span></li>
</ul>
</div>
<div class="" id="magicdomid54">
<ul class="list-bullet1">
<li><span class="author-p-12554">Russell Bryant (Security
Response) </span><span class="author-p-12554 url"><a
moz-do-not-send="true"
href="https://home.corp.redhat.com/user/rbryant">https://home.corp.redhat.com/user/rbryant</a></span></li>
</ul>
</div>
<div class="" id="magicdomid55">
<ul class="list-bullet1">
<li><span class="author-p-12554">QA? </span></li>
</ul>
</div>
<div class="" id="magicdomid56">
<ul class="list-bullet1">
<li><span class="author-p-12554">IdM team member?</span></li>
</ul>
</div>
<div class="" id="magicdomid57"><br>
</div>
<div class="" id="magicdomid58"><span class="author-p-12554">Recruiting
Status: </span></div>
<div class="ace-line" id="magicdomid819">
<ul class="list-bullet1">
<li><span class="author-p-12554">Planning on attending the Job
Fairs at WPI and RPI</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid823">
<ul class="list-bullet1">
<li><span class="author-p-12554">Discussed hiring in Brno with
assisstance of Dmitri's team</span></li>
</ul>
</div>
<div class="" id="magicdomid61"><br>
</div>
<div class="ace-line" id="magicdomid1010"><span
class="author-p-12554">Fedora Status (Package versions,
dependnecies and issues etc)</span></div>
<div class="ace-line" id="magicdomid1021">
<ul class="list-bullet1">
<li><span class="author-p-12554">Raw Hide has Grizzly-2
openstack-keystone-2013.1-0.2.g2.fc19</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid996">
<ul class="list-bullet1">
<li><span class="author-p-12534">el6-grizzly side-repo </span><span
class="author-p-12534 url"><a moz-do-not-send="true"
href="http://repos.fedorapeople.org/repos/openstack/openstack-grizzly/epel-6/">http://repos.fedorapeople.org/repos/openstack/openstack-grizzly/epel-6/</a></span></li>
</ul>
</div>
<div class="" id="magicdomid66"><br>
</div>
<div class="ace-line" id="magicdomid1042"><span
class="author-p-12534">stable/folsom update 1</span><span
class="author-p-12554"> (no change from Jan 8)</span><span
class="author-p-12534">:</span></div>
<div class="" id="magicdomid68">
<ul class="list-bullet1">
<li><span class="author-p-12534">F18 </span><span
class="author-p-12534 url"><a moz-do-not-send="true"
href="https://admin.fedoraproject.org/updates/openstack-keystone-2012.2.1-1.fc18">https://admin.fedoraproject.org/updates/openstack-keystone-2012.2.1-1.fc18</a></span></li>
</ul>
</div>
<div class="" id="magicdomid69">
<ul class="list-bullet1">
<li><span class="author-p-12554">EPEL</span><span
class="author-p-12534"> </span><span
class="author-p-12534 url"><a moz-do-not-send="true"
href="https://admin.fedoraproject.org/updates/openstack-keystone-2012.2.1-1.el6">https://admin.fedoraproject.org/updates/openstack-keystone-2012.2.1-1.el6</a></span></li>
</ul>
</div>
<div class="" id="magicdomid70">
<ul class="list-bullet1">
<li><span class="author-p-12534">RHOS </span><span
class="author-p-12534 url"><a moz-do-not-send="true"
href="https://errata.devel.redhat.com/advisory/14265">https://errata.devel.redhat.com/advisory/14265</a></span></li>
</ul>
</div>
<div class="" id="magicdomid71"><br>
</div>
<div class="" id="magicdomid72"><span class="author-p-12554">RH QA
Status</span></div>
<div class="" id="magicdomid73"><br>
</div>
<div class="" id="magicdomid74"><br>
</div>
<div class="ace-line" id="magicdomid952"><br>
</div>
<div class="" id="magicdomid76"><br>
</div>
<div class="" id="magicdomid77"><span class="author-p-12554">Backlog:</span></div>
<div class="" id="magicdomid78"><span class="author-p-12554">devstack
should set up Keystone with HTTPD</span></div>
<div class="" id="magicdomid79"><br>
</div>
<div class="" id="magicdomid80"><span class="author-p-12554">Important
Links</span></div>
<div class="" id="magicdomid81"><br>
</div>
<div class="" id="magicdomid82"><span class="author-p-12554">First
- launchpad - all the open source contributions basically
revolve around a launchpad ID. </span></div>
<div class="" id="magicdomid83"><span class="author-p-12554">*
launchpad: </span><span class="author-p-12554 url"><a
moz-do-not-send="true" href="https://launchpad.net">https://launchpad.net</a></span></div>
<div class="" id="magicdomid84"><span class="author-p-12554"> *
the keystone project: </span><span class="author-p-12554 url"><a
moz-do-not-send="true" href="https://launchpad.net/keystone">https://launchpad.net/keystone</a></span></div>
<div class="" id="magicdomid85"><span class="author-p-12554"> *
the blueprints (planned feature requests for keystone): </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://blueprints.launchpad.net/keystone">https://blueprints.launchpad.net/keystone</a></span></div>
<div class="" id="magicdomid86"><span class="author-p-12554"> *
Overview of how to get involved and many of these tools</span></div>
<div class="" id="magicdomid87"><span class="author-p-12554"> *
general to any openstack project: </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="http://wiki.openstack.org/HowToContribute">http://wiki.openstack.org/HowToContribute</a></span></div>
<div class="" id="magicdomid88"><span class="author-p-12554"> *
Core reviews using reviewboard (authenticated with OAuth
through Launchpad)</span></div>
<div class="" id="magicdomid89"><span class="author-p-12554"> *
code reviews going into keystone: </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/q/status:open+keystone,n,z">https://review.openstack.org/#/q/status:open+keystone,n,z</a></span></div>
<div class="" id="magicdomid90"><span class="author-p-12554"> *
code reviews for the V3 keystone (openstack specific) API: </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/q/status:open+identity,n,z">https://review.openstack.org/#/q/status:open+identity,n,z</a></span></div>
<div class="" id="magicdomid91"><span class="author-p-12554"> *
Source Code</span></div>
<div class="" id="magicdomid92"><span class="author-p-12554"> *
keystone: </span><span class="author-p-12554 url"><a
moz-do-not-send="true"
href="https://github.com/openstack/keystone">https://github.com/openstack/keystone</a></span></div>
<div class="" id="magicdomid93"><span class="author-p-12554"> *
the python client for keystone: </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://github.com/openstack/python-keystoneclient">https://github.com/openstack/python-keystoneclient</a></span></div>
<div class="" id="magicdomid94"><span class="author-p-12554"> *
Documentation</span></div>
<div class="" id="magicdomid95"><span class="author-p-12554"> *
developer documentation (generated from keystone source code):
</span><span class="author-p-12554 url"><a
moz-do-not-send="true"
href="http://docs.openstack.org/developer/keystone/">http://docs.openstack.org/developer/keystone/</a></span></div>
<div class="" id="magicdomid96"><span class="author-p-12554"> *
holistic documentation for openstack (keystone and more): </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="http://docs.openstack.org">http://docs.openstack.org</a></span></div>
<div class="" id="magicdomid97"><span class="author-p-12554"> *
running openstack (keystone and more) on a single machine</span></div>
<div class="" id="magicdomid98"><span class="author-p-12554"> *
(used in OpenStack's CI efforts and for development/test)</span></div>
<div class="" id="magicdomid99"><span class="author-p-12554"> *
</span><span class="author-p-12554 url"><a
moz-do-not-send="true" href="http://devstack.org">http://devstack.org</a></span></div>
<div class="" id="magicdomid100"><br>
</div>
<div class="" id="magicdomid101"><span class="author-p-12554">I
mentioned that Keystone's V3 API is focused on providing
services to other openstack components. The API relevant for
writing plugins (python, classes) is subclassing one of the
drivers, such as "identity" - </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="https://github.com/openstack/keystone/blob/master/keystone/identity/core.py#L63">https://github.com/openstack/keystone/blob/master/keystone/identity/core.py#L63</a></span><span
class="author-p-12554">.</span></div>
<div class="" id="magicdomid102"><br>
</div>
<div class="" id="magicdomid103"><span class="author-p-12554">The
conversations around the design and implementation of
Federation upcoming are happening actively on the
openstack-dev mailing list. For a reasonable web interface to
view and search previous messages and conversations around
this:</span></div>
<div class="" id="magicdomid104"><span class="author-p-12554"> *
</span><span class="author-p-12554 url"><a
moz-do-not-send="true"
href="http://markmail.org/search/?q=openstack-dev%20keystone">http://markmail.org/search/?q=openstack-dev%20keystone</a></span></div>
<div class="" id="magicdomid105"><span class="author-p-12554"> *
more specific to federation discussions: </span><span
class="author-p-12554 url"><a moz-do-not-send="true"
href="http://markmail.org/search/?q=openstack-dev+keystone+federation">http://markmail.org/search/?q=openstack-dev+keystone+federation</a></span></div>
<div class="" id="magicdomid106"><br>
</div>
<div class="" id="magicdomid107"><span class="author-p-12554">lists
can be subscribed to at </span><span class="author-p-12554
url"><a moz-do-not-send="true"
href="http://lists.openstack.org/cgi-bin/mailman/listinfo">http://lists.openstack.org/cgi-bin/mailman/listinfo</a></span></div>
<div class="" id="magicdomid108"><br>
</div>
<div class="" id="magicdomid109"><span class="author-p-12554">The
major actors in Keystone today are all involved on this
mailing list and keep touch weekly during the IRC meetings.</span></div>
<div class="" id="magicdomid110"><br>
</div>
<div class="" id="magicdomid111"><span class="author-p-12554">The
Keystone IRC meetings are held weekly - tuesdays at 1800UTC.
We keep an agenda and previous discussion minutes available
on the OpenStack wiki at </span><span class="author-p-12554
url"><a moz-do-not-send="true"
href="http://wiki.openstack.org/Meetings/KeystoneMeeting">http://wiki.openstack.org/Meetings/KeystoneMeeting</a></span></div>
<div class="" id="magicdomid112"><br>
</div>
<div class="" id="magicdomid113"><br>
</div>
<div class="" id="magicdomid114"><br>
</div>
<div class="" id="magicdomid115"><span class="author-p-12554">Older
Items</span></div>
<div class="" id="magicdomid116"><br>
</div>
<div class="" id="magicdomid117"><span class="author-p-12554">F17</span><span
class="author-p-12534"> CVE-2012-5483 </span><span
class="author-p-12534 url"><a moz-do-not-send="true"
href="https://admin.fedoraproject.org/updates/openstack-keystone-2012.1.3-3.fc17">https://admin.fedoraproject.org/updates/openstack-keystone-2012.1.3-3.fc17</a></span></div>
<div class="" id="magicdomid118">
<ul class="list-bullet1">
<li><span class="author-p-12554">Significant Refactoring
effort that needs to finish prior to trust work</span></li>
</ul>
</div>
<div class="" id="magicdomid119">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/17782/">https://review.openstack.org/#/c/17782/</a></span><span
class="author-p-12554"> </span></li>
</ul>
</div>
<div class="" id="magicdomid120">
<ul class="list-bullet2">
<li><span class="author-p-12554">Just merged, took a lot of
code review back and forth</span></li>
</ul>
</div>
<div class="" id="magicdomid121">
<ul class="list-bullet1">
<li><span class="author-p-12554">Ran the test coverage tool to
identify areas that are untested</span></li>
</ul>
</div>
<div class="" id="magicdomid122">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="http://admiyo.fedorapeople.org/openstack/covhtml/">http://admiyo.fedorapeople.org/openstack/covhtml/</a></span></li>
</ul>
</div>
<div class="" id="magicdomid123">
<ul class="list-bullet1">
<li><span class="author-p-12554">V3 API</span></li>
</ul>
</div>
<div class="" id="magicdomid124">
<ul class="list-bullet1">
<li><span class="author-p-12554">IdM as service catalog
entries</span></li>
</ul>
</div>
<div class="" id="magicdomid125">
<ul class="list-bullet1">
<li><span class="author-p-12554">Attribute Mapping (Kristy
Siu, Kent.ac.uk) (not much happened here over the
holidays)</span></li>
</ul>
</div>
<div class="" id="magicdomid126">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/18280/1">https://review.openstack.org/#/c/18280/1</a></span></li>
</ul>
</div>
<div class="" id="magicdomid127"><span class="author-p-12554">Tunables
for QA:</span></div>
<div class="" id="magicdomid128">
<ul class="list-bullet1">
<li><span class="author-p-12554">Databases: SQLite, MySQL,
PostgreSQL</span></li>
</ul>
</div>
<div class="" id="magicdomid129">
<ul class="list-bullet1">
<li><span class="author-p-12554">Identity: can also use LDAP
and PAM</span></li>
</ul>
</div>
<div class="" id="magicdomid130">
<ul class="list-bullet1">
<li><span class="author-p-12554">Memcached or KVS Backends
should not be recommended for deployment or supported</span></li>
</ul>
</div>
<div class="" id="magicdomid131">
<ul class="list-bullet1">
<li><span class="author-p-12554">Token Type</span></li>
</ul>
</div>
<div class="" id="magicdomid132">
<ul class="list-bullet2">
<li><span class="author-p-12554 b"><b>UUID</b></span></li>
</ul>
</div>
<div class="" id="magicdomid133">
<ul class="list-bullet2">
<li><span class="author-p-12554">PKI</span></li>
</ul>
</div>
<div class="" id="magicdomid134">
<ul class="list-bullet1">
<li><span class="author-p-12554">Need to test multiple servers
w/ load balancer in front of it</span></li>
</ul>
</div>
<div class="" id="magicdomid135">
<ul class="list-bullet1">
<li><span class="author-p-12554">Web Server: Eventlet or HTTPD</span></li>
</ul>
</div>
<div class="" id="magicdomid136">
<ul class="list-bullet2">
<li><span class="author-p-12554"> With HTTPD can use remote
authentication: </span></li>
</ul>
</div>
<div class="" id="magicdomid137">
<ul class="list-bullet3">
<li><span class="author-p-12554">Kerberos, </span></li>
</ul>
</div>
<div class="" id="magicdomid138">
<ul class="list-bullet3">
<li><span class="author-p-12554">Basic Auth, and </span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid705">
<ul class="list-bullet3">
<li><span class="author-p-12554">X509 Client cert should all
be tested.</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid709">
<ul class="list-bullet1">
<li><span class="author-p-12554">Groups(henrynash)</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid710">
<ul class="list-bullet2">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://blueprints.launchpad.net/openstack/?searchtext=user-groups">https://blueprints.launchpad.net/openstack/?searchtext=user-groups</a></span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid711">
<ul class="list-bullet2">
<li><span class="author-p-12554">Just merged into Repo:</span></li>
</ul>
</div>
<div class="ace-line" id="magicdomid712">
<ul class="list-bullet3">
<li><span class="author-p-12554 url"><a moz-do-not-send="true"
href="https://review.openstack.org/#/c/18097/">https://review.openstack.org/#/c/18097/</a></span></li>
</ul>
</div>
<div class="" id="magicdomid140"><br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
rhos-list mailing list
<a class="moz-txt-link-abbreviated" href="mailto:rhos-list@redhat.com">rhos-list@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/rhos-list">https://www.redhat.com/mailman/listinfo/rhos-list</a></pre>
</blockquote>
<br>
</body>
</html>