Revision history [back]

click to hide/show revision 1
initial version

Thanks for the reply.

I've read and experienced quite the opposite with v2. I've seen no documentation for GET /v2.0/tokens and the only way to validate the token is using the PKI method. As apposed to V3.0, there is an API which will do the validation (glad it's there).

Regardless, there is no v3.0 API to retrieve the certificates, which makes me inclined to believe that it (along with all v2.0) could one be fully deprecated and removed, while keystone may still having support for v3.0.

So in summary, if I plan on using the v3.0 API and validating using the PKI method, it seems questionable to be using the GET /v2.0/certificates/signing API to authenticate against objects provided by the v3.0 API - which leads me to wonder if this is a questionable thing to do ?

Thanks for the reply.

I've read and experienced quite the opposite with v2. I've seen no documentation for GET /v2.0/tokens and the only way to validate the token is using the PKI method. As apposed to V3.0, there is an API which will do the validation (glad it's there).

Regardless, there is no v3.0 API to retrieve the certificates, which makes me inclined to believe that it (along with all v2.0) could one day be fully deprecated and removed, while keystone may still having support for v3.0.

So in summary, if I plan on using the v3.0 API and validating using the PKI method, it seems questionable to be using the GET /v2.0/certificates/signing API to authenticate against objects provided by the v3.0 API - which leads me to wonder if this is a questionable thing to do ?

Thanks for the reply.

I've read and experienced quite the opposite with v2. I've seen no documentation for GET /v2.0/tokens and the only way to validate the token is using the PKI method. As apposed to V3.0, there is an API which will do the validation (glad it's there).

Regardless, there is no v3.0 API to retrieve the certificates, which makes me inclined to believe that it (along with all v2.0) could one day be fully deprecated and removed, while keystone may still having support for v3.0.

So in summary, if I plan on using the v3.0 API and validating using the PKI method, it seems questionable to be using the GET /v2.0/certificates/signing API to authenticate pull certs to validate against objects provided by the v3.0 API - which leads me to wonder if this is a questionable thing to do ?