diff options
Diffstat (limited to 'releasenotes/notes/bug-1649735-3c68f3243e474775.yaml')
-rw-r--r-- | releasenotes/notes/bug-1649735-3c68f3243e474775.yaml | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml b/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml index 06741d3..a624c39 100644 --- a/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml +++ b/releasenotes/notes/bug-1649735-3c68f3243e474775.yaml @@ -4,5 +4,19 @@ fixes: [`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] The auth_token middleware no longer attempts to retrieve the revocation list from the Keystone server. The deprecated options - `check_revocations_for_cached` and `check_revocations_for_cached` have been + `revocations_cache_time` and `check_revocations_for_cached` have been removed. + + Keystone no longer issues PKI/PKIZ tokens and now keystonemiddleware's + Support for PKI/PKIZ and associated offline validation has been removed. + This includes the deprecated config options `signing_dir`, and + `hash_algorithms`. + +upgrade: + - > + [`bug 1649735 <https://bugs.launchpad.net/keystone/+bug/1649735>`_] + Keystonemiddleware no longer supports PKI/PKIZ tokens, all + associated offline validation has been removed. The configuration + options `signing_dir`, and `hash_algorithms` have been removed, if + they still exist in your configuration(s), they are now safe to remove. + Please consider utilizing the newer fernet or JWS token formats.
\ No newline at end of file |