Trusted Messaging / RPC
Openstack messaging assumes a trusted network and trusted peers. However, with end-users accessing compute resources, privilege escalation is a viable concern requiring encryption or identity validation to solve. This blueprint seeks to implement a trusted messaging pattern utilizing encryption and/or signing of messages to verify the identities of senders and the validity of their messages.
This code should be abstracted to work over all RPC mechanisms, if possible. Additionally, it is likely that this will require a challenge-response mechanism and perfect-
The rpc code has moved to oslo-incubator since this blueprint was filed, so it's no longer appropriate to have this in nova. A similar blueprint should be opened for oslo. --russellb
Re-evaluate new rpc envelope irt trusted-messaging: INPROGRESS
* Blueprints in grey have been implemented.