There are a number of yum repositories that make connections via http (should
be https). Also, signing keys can be downloaded over http instead of https.
This issue was discovered by Grant Murphy of the Red Hat Product Security Team.
This issue has been addressed in following products:
OpenStack 4 for RHEL 6
Via RHSA-2014:0579 https://rhn.redhat.com/errata/RHSA-2014-0579.html