Merge "Deprecate 'checksum' computation"

This commit is contained in:
Zuul 2020-04-27 17:00:29 +00:00 committed by Gerrit Code Review
commit b0ad9b1019
1 changed files with 43 additions and 0 deletions

View File

@ -0,0 +1,43 @@
..
This work is licensed under a Creative Commons Attribution 3.0 Unported
License.
http://creativecommons.org/licenses/by/3.0/legalcode
=========================================
Spec Lite: Deprecate Checksum Computation
=========================================
..
Mandatory sections
:project: glance
:problem: The glance 'checksum' image property contains an MD5 hash of image
data. MD5 has not been considered secure for some time, and in
order to comply with various security standards, an implementation
of the MD5 algorithm may not be available on glance nodes.
:solution: Announce that Glance will no longer populate the 'checksum' on new
images beginning with the Victoria release. Instead, operators
should rely on the secure "multihash" feature that was introduced
in Rocky. The 'checksum' property will remain on legacy images.
:impacts: None.
..
Optional sections -- delete any that don't apply to this spec lite
:how: In Ussuri: release note. In Victoria: Remove the code that uses MD5.
(This will affect primarily the glance_store drivers.)
:alternatives: We could check to see if the algorithm is available, and if it
is, compute the MD5. But this seems pointless as the secure
multihash is already being computed for all new images.
We could remove the 'checksum' entirely, but this would require
a migration to the multihash. For at least some backends, this
would mean downloading the image data for each legacy image to
do the computation, which could take a very long time.
:timeline: Deprecation and release note in Ussuri; removal in Victoria.