Difference between revisions of "Meetings/KeystoneMeeting"
< Meetings
Jorge Munoz (talk | contribs) (→Main Agenda) |
Jorge Munoz (talk | contribs) (→Main Agenda) |
||
Line 18: | Line 18: | ||
** Are redelegation and impersonation multually exclusive? IMO, it should. | ** Are redelegation and impersonation multually exclusive? IMO, it should. | ||
*** Should it be allowed to create trust with both redelegation and impersonation set to true? | *** Should it be allowed to create trust with both redelegation and impersonation set to true? | ||
− | *** Does it make sense to add a new attribute called ' | + | *** Does it make sense to add a new attribute called 'allow_impersonation' and 'user_for_impersonation' to determine if a trust with redelegation is allow to create a trust with impersonation. |
** Can a trust be created with an impersonated token? | ** Can a trust be created with an impersonated token? | ||
*** If so, how would the request look? | *** If so, how would the request look? |
Revision as of 16:11, 5 February 2016
Contents
Weekly Keystone team meeting
If you're interested in identity, authentication, authorization, and/or policy for OpenStack, we hold public meetings weekly on IRC in #openstack-meeting
, on Tuesdays at 18:00 UTC. Please feel free to add items to the agenda below with your name and we'll cover them.
Regular attendees
Add yourself to this list to be pinged prior to each meeting:
ajayaa, amakarov, ayoung, breton, browne, davechen, david8hu, dolphm, dstanek, ericksonsantos, geoffarnold, gyee, henrynash, hogepodge, htruta, jamielennox, joesavak, lbragstad, lhcheng, marekd, morganfainberg, nkinder, raildo, rodrigods, roxanaghe, samueldmq, shaleh, stevemar, tsymanczyk, topol, vivekd, wanghong, claudiub, rderose, samleon, xek, MaxPC, tjcocozz, jorge_munoz
Agenda for next meeting
Main Agenda
Please add agenda items to the bottom of this section's list (be sure to include your irc_handle
!).
2016-02-09
- Trust workflow
jorge_munoz
- Are redelegation and impersonation multually exclusive? IMO, it should.
- Should it be allowed to create trust with both redelegation and impersonation set to true?
- Does it make sense to add a new attribute called 'allow_impersonation' and 'user_for_impersonation' to determine if a trust with redelegation is allow to create a trust with impersonation.
- Can a trust be created with an impersonated token?
- If so, how would the request look?
- Can a trust be created with impersonation set to true from a trusted token that only allows redelegation (allow_redelegation=True, Impersonation=False)?
- Does the redelegated_trust_id attribute need to be promoted from extras to its own column? (Adding to schema)
- Are redelegation and impersonation multually exclusive? IMO, it should.
Review of Keystone Blueprints for No-Spec Requires Status
Please add BPs to the bottom of this sections list that should be reviewed as not requiring a spec (include your irc_handle
!).
Keystone Weekly Bug Reports
Bugs for the various Keystone repositories are collects and published to the following links. (lbragstad
)
Previous meetings
Logs and meeting summaries of previous meetings are located here.