Friday, 2019-06-28

*** ricolin has joined #openstack-security02:20
*** threestrands has joined #openstack-security02:23
*** batshadow has joined #openstack-security03:29
*** batshadow has left #openstack-security03:29
*** pcaruana has joined #openstack-security04:36
*** Luzi has joined #openstack-security05:26
*** threestrands has quit IRC06:34
*** rcernin has quit IRC07:16
*** tesseract has joined #openstack-security07:17
*** tesseract has quit IRC07:30
*** tesseract has joined #openstack-security07:32
*** ricolin has quit IRC09:21
*** trident has quit IRC09:27
*** trident has joined #openstack-security09:29
*** pcaruana has quit IRC12:40
*** pcaruana has joined #openstack-security12:41
*** batshadow has joined #openstack-security13:28
*** batshadow has left #openstack-security13:28
*** Abhishek has joined #openstack-security13:54
AbhishekHi All.. while using /v3/auth/tokens api, can we encrypt and pass the password field in the api?13:55
Abhishekcoz i see that when logging in with browser, the userid & password fields can be seen using developer tools page13:56
Abhishekisn't it a low security risk..13:56
*** trident has quit IRC13:56
*** trident has joined #openstack-security13:58
*** Luzi has quit IRC14:02
fungiwhat would you encrypt it with?14:04
fungianyway, probably more of a question for the #openstack-keystone channel first14:04
fungibut dolphm's blog post from when keystone first introduced fernet tokens explains the situation fairly well, i think:
*** Abhishek has quit IRC14:40
*** austin987 has quit IRC15:45
fungigagehugo: what do you think about incorporating stuff from into the security.o.o content revamp?16:19
*** kmalloc is now known as needscoffee16:47
*** ricolin has joined #openstack-security17:19
*** ricolin has quit IRC17:45
*** tesseract has quit IRC18:13
*** pcaruana has quit IRC21:16

Generated by 2.15.3 by Marius Gedminas - find it at!