1041919 – [RFE][keystone]: Permit NSS as alternative crypto provider

Bug 1041919 - [RFE][keystone]: Permit NSS as alternative crypto provider

Summary: [RFE][keystone]: Permit NSS as alternative crypto provider

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	RFEs
Sub Component:
Version:	unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	RHOS Maint
QA Contact:
Docs Contact:
URL:	https://blueprints.launchpad.net/keys...
Whiteboard:	upstream_milestone_none upstream_stat...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-12 20:04 UTC by RHOS Integration
Modified:	2015-07-22 17:59 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-03-19 17:13:44 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description RHOS Integration 2013-12-12 20:04:35 UTC

Cloned from launchpad blueprint https://blueprints.launchpad.net/keystone/+spec/allow-nss-for-crypto.

Description:

A variety of crypto providers are available, OpenSSL is the hard coded crypto provider in OpenStack at the moment. Some organizations prefer an alternate crypto provider, i.e. NSS (Network Security Services). This blue print lays out a mechanism to select a crypto provider via configuration, re-factor the code to permit alternate crytpo providers, maintain OpenSSL as the default crypto provider, implement NSS as an alternative, and finally move to in-process crypto library calls as opposed to forking sub-processes to perform crypto operations.

Specification URL (additional information):

https://wiki.openstack.org/wiki/AllowNSSForCrypto

Note You need to log in before you can comment on or make changes to this bug.