On 10/13/2014 06:21 PM, Preston L. Bannister wrote:
Too-short token expiration times are one of my concerns, in my current
exercise.
Working on a replacement for Nova backup. Basically creating backups
jobs, writing the jobs into a queue, with a background worker that
reads jobs from the
Too-short token expiration times are one of my concerns, in my current
exercise.
Working on a replacement for Nova backup. Basically creating backups jobs,
writing the jobs into a queue, with a background worker that reads jobs
from the queue. Tokens could expire while the jobs are in the queue
On Wed, Oct 1, 2014 at 3:47 AM, Adam Young ayo...@redhat.com wrote:
1. Identify the roles for the APIs that Cinder is going to be calling on
swift based on Swifts policy.json
FYI: there is no Swifts policy.json in mainline code, there is one external
middleware available that provides it
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What is keeping us from dropping the (scoped) token duration to 5 minutes?
If we could keep their lifetime as short as network skew lets us, we would
be able to:
Get rid of revocation checking.
Get rid of persisted tokens.
On 10/01/2014 04:14 AM, Steven Hardy wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What is keeping us from dropping the (scoped) token duration to 5 minutes?
If we could keep their lifetime as short as network skew lets us, we would
be able to:
Get rid of revocation
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What are the uses that require long lived tokens?
Glance has operations which can take a long time, such as uploading and
downloading large images.
signature.asc
Description: Digital signature
On 09/30/2014 10:44 AM, Adam Young wrote:
What is keeping us from dropping the (scoped) token duration to 5 minutes?
If we could keep their lifetime as short as network skew lets us, we
would be able to:
Get rid of revocation checking.
Get rid of persisted tokens.
OK, so that assumes we can
On 09/30/2014 11:37 AM, Adam Young wrote:
On 09/30/2014 11:06 AM, Louis Taylor wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What are the uses that require long lived tokens?
Glance has operations which can take a long time, such as uploading and
downloading large images.
On 09/30/2014 11:58 AM, Jay Pipes wrote:
On 09/30/2014 11:37 AM, Adam Young wrote:
On 09/30/2014 11:06 AM, Louis Taylor wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What are the uses that require long lived tokens?
Glance has operations which can take a long time, such
On 09/30/2014 12:21 PM, Sean Dague wrote:
On 09/30/2014 11:58 AM, Jay Pipes wrote:
On 09/30/2014 11:37 AM, Adam Young wrote:
On 09/30/2014 11:06 AM, Louis Taylor wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What are the uses that require long lived tokens?
Glance has
On 09/30/2014 12:21 PM, Sean Dague wrote:
On 09/30/2014 11:58 AM, Jay Pipes wrote:
On 09/30/2014 11:37 AM, Adam Young wrote:
On 09/30/2014 11:06 AM, Louis Taylor wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What are the uses that require long lived tokens?
Glance has
On Oct 1, 2014 12:37 AM, Adam Young ayo...@redhat.com wrote:
On 09/30/2014 12:21 PM, Sean Dague wrote:
On 09/30/2014 11:58 AM, Jay Pipes wrote:
On 09/30/2014 11:37 AM, Adam Young wrote:
On 09/30/2014 11:06 AM, Louis Taylor wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young
This is comparable to the HEAT use case that Keystone Trusts were
originally designed to solve.
If the glance client knows the roles required to perform those
operations, it could create the trust up front, with the Glance
Service user as the trustee; the trustee execute the trust when it
13 matches
Mail list logo