appc / spec

App Container Specification and Tooling (archived, see https://github.com/rkt/rkt/issues/4024)
Apache License 2.0

HMAC possibly superfluous #383

Open globalcitizen opened 9 years ago

globalcitizen commented 9 years ago

Under the "do one thing and do it well" philosophy...

The HMAC add-on to PODs is interesting; however, it strikes me as overkill for many cases (e.g. those where an existing network authentication mechanism is in play, public DNS/GPG/HTTPS is required for the purpose of the application, or where the portability of the overall solution across virtualization infrastructure types/paradigms/implementations is required).

It doesn't feel like it should be a core feature.

eyakubovich commented 9 years ago

We're moving the whole presence of the metadata service to being optional. However, we didn't consider making an identity portion optional. I think it's a valid concern.

globalcitizen commented 9 years ago

Valid outside the container, entropy-inducing within the container and encouraging of poor separation of concerns (i.e. to put this bluntly, infrastructure-related logic should not be within the application container itself, or you lose portability).