Credential Encryption

Eliminate the implication that credential encryption does encryption as part of db_sync Change-Id: I9020560d960274752d71de51e81d01cbcb0e4b31
2016-06-02 12:05:27 -05:00 · 2016-06-02 12:05:27 -05:00 · 0597999783
parent 08e2eff768
commit 0597999783
1 changed files with 4 additions and 3 deletions
--- a/specs/keystone/newton/credential-encryption.rst
+++ b/specs/keystone/newton/credential-encryption.rst
@ -84,9 +84,10 @@ Work Items
 ----------

 * Update credentials driver to support encryption.
-* Document Credential driver configuration changes.
-* Write Keystone database migration for existing credentials.  If deployer has
-  not specified encryption keys, migration will not re-encrypt the credentials.
+* Document upgrade process and how to enable encryption.
+* Write keystone-manage command to encrypt existing credentials.  If deployer
+  has not specified encryption keys, migration will not re-encrypt the
+  credentials.
 * Write tests to verify functionality.

 Dependencies