diff options
author | Morgan Fainberg <morgan.fainberg@gmail.com> | 2018-10-26 12:33:28 -0700 |
---|---|---|
committer | Colleen Murphy <colleen.murphy@suse.de> | 2019-06-19 12:16:47 -0700 |
commit | b3e84aafc0302b1a87754f438696794076ba844f (patch) | |
tree | 701b96a859805c08470f41fdaf6d97283f2b2c89 /releasenotes | |
parent | 3e62d25dacb4282609d897f8a9cf08c3603b12d7 (diff) | |
download | keystonemiddleware-b3e84aafc0302b1a87754f438696794076ba844f.tar.gz |
Remove PKI/PKIZ support
Keystone server no longer supports PKI/PKIZ. This change removes
keystonemiddleware's support of PKI/PKIZ and associated code.
Change-Id: I9a6639a2aa3774be61972d57f38220f66fd5c0e8
closes-bug: #1649735
partial-bug: #1736985
Diffstat (limited to 'releasenotes')
-rw-r--r-- | releasenotes/notes/bug-1649735-3c68f3243e474775.yaml | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml b/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml index 06741d3..a624c39 100644 --- a/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml +++ b/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml @@ -4,5 +4,19 @@ fixes: [`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The auth_token middleware no longer attempts to retrieve the revocation list from the Keystone server. The deprecated options - `check_revocations_for_cached` and `check_revocations_for_cached` have been + `revocations_cache_time` and `check_revocations_for_cached` have been removed. + + Keystone no longer issues PKI/PKIZ tokens and now keystonemiddleware's + Support for PKI/PKIZ and associated offline validation has been removed. + This includes the deprecated config options `signing_dir`, and + `hash_algorithms`. + +upgrade: + - > + [`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] + Keystonemiddleware no longer supports PKI/PKIZ tokens, all + associated offline validation has been removed. The configuration + options `signing_dir`, and `hash_algorithms` have been removed, if + they still exist in your configuration(s), they are now safe to remove. + Please consider utilizing the newer fernet or JWS token formats.
\ No newline at end of file |