=============================
#openstack-keystone: keystone
=============================


Meeting started by d34dh0r53 at 15:03:35 UTC.  The full logs are
available at
https://meetings.opendev.org/meetings/keystone/2025/keystone.2025-01-22-15.03.log.html
.



Meeting summary
---------------

* LINK: https://openinfra.dev/legal/code-of-conduct  (d34dh0r53,
  15:03:51)
* roll call  (d34dh0r53, 15:04:02)

* liaison updates  (d34dh0r53, 15:06:46)

* specification OAuth 2.0 (hiromu)  (d34dh0r53, 15:07:08)
  * LINK:
    https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext
    (d34dh0r53, 15:07:17)
  * LINK:
    https://review.opendev.org/q/topic:bp%252Fenhance-oauth2-interoperability
    (d34dh0r53, 15:07:18)
  * LINK: https://review.opendev.org/c/openstack/keystone-specs/+/861554
    (merged)  (d34dh0r53, 15:07:19)
  * LINK: https://review.opendev.org/q/topic:bp%252Fsupport-oauth2-mtls
    (d34dh0r53, 15:07:26)
  * LINK: https://review.opendev.org/c/openstack/keystone/+/838108
    (merged)  (d34dh0r53, 15:07:34)
  * LINK: https://review.opendev.org/c/openstack/keystoneauth/+/838104
    (merged)  (d34dh0r53, 15:07:38)

* specification Secure RBAC (dmendiza[m])  (d34dh0r53, 15:07:50)
  * LINK:
    https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_
    (d34dh0r53, 15:07:52)

* specification OpenAPI support (gtema)  (d34dh0r53, 15:09:22)
  * LINK:
    https://review.opendev.org/q/topic:%22openapi%22+project:openstack/keystone
    (d34dh0r53, 15:09:24)

* specification domain manager (mhen)  (d34dh0r53, 15:13:51)

* specification Include bad password details in audit messages
  (stanislav-z)  (d34dh0r53, 15:15:27)
  * LINK: https://review.opendev.org/c/openstack/keystone-specs/+/915482
    (d34dh0r53, 15:15:31)
  * LINK:
    https://review.opendev.org/q/topic:%22pci-dss-invalid-password-reporting%22
    (d34dh0r53, 15:15:33)

* open discussion  (d34dh0r53, 15:17:52)
  * LINK: https://github.com/gtema/oslo.policy.opa  (gtema, 15:18:09)
  * LINK: https://bugs.launchpad.net/keystone/+bug/1914260 - I wanted to
    start working on this one. Especially for cases when resources are
    *deleted* (e.g. project, or user, etc), only their ID and typeURI
    are reported in audit events (under `target`) - which makes it
    difficult to handle cases e.g. when a real user comes and wants to
    know who deleted their resource, but all they have is the resource'
    name/project/domain - which is at  (stanislav-z, 15:34:34)

* bug review  (d34dh0r53, 15:42:39)
  * LINK: https://bugs.launchpad.net/keystone/?orderby=-id&start=0
    (d34dh0r53, 15:42:41)
  * LINK:
    https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
    (d34dh0r53, 15:42:54)
  * LINK:
    https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
    (d34dh0r53, 15:43:05)
  * LINK:
    https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
    (d34dh0r53, 15:43:17)
  * LINK: https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
    (d34dh0r53, 15:43:28)
  * LINK: https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
    (d34dh0r53, 15:43:37)

* conclusion  (d34dh0r53, 15:43:45)



Meeting ended at 15:47:51 UTC.



People present (lines said)
---------------------------

* d34dh0r53 (70)
* gtema (37)
* dmendiza[m] (7)
* stanislav-z (6)
* mharley[m] (5)
* opendevmeet (3)
* cardoe (3)
* xek (2)



Generated by `MeetBot`_ 0.1.4