Merge "Add docs for the null key"

2016-09-08 14:05:33 +00:00 · 2016-09-08 14:05:33 +00:00 · e69b839843
parent 5594d45ea7 407f08ec14
commit e69b839843
1 changed files with 11 additions and 2 deletions
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@ -1916,7 +1916,15 @@ will become read-only until the database is contracted. After the contract
 phase is complete, credentials will be writeable to the backend. A
 ``[credential] key_repository`` location must be specified through
 configuration and bootstrapped with keys using ``keystone-manage
-credential_setup`` prior to migrating any existing credentials.
+credential_setup`` prior to migrating any existing credentials. If a new key
+repository isn't setup using ``keystone-manage credential_setup`` keystone will
+assume a null key to encrypt and decrypt credentials until a proper key
+repository is present. The null key is a key consisting of all null bytes and
+its only purpose is to ease the upgrade process from Mitaka to Newton. It is
+highly recommended that the null key isn't used. It is no more secure than
+storing credentials in plain text. If the null key is used, you should migrate
+to a proper key repository using ``keystone-manage credential_setup`` and
+``keystone-manage credential_migrate``.

 Encryption key management
 -------------------------
@ -1930,7 +1938,8 @@ Key management of ``[credential] key_repository`` is handled with three

 ``keystone-manage credential_setup`` will populate ``[credential]
 key_repository`` with new encryption keys. This must be done in order for
-credential encryption to work. This step should only be done once.
+proper credential encryption to work, with the exception of the null key. This
+step should only be done once.

 ``keystone-manage credential_rotate`` will create and rotate a new encryption
 key in the ``[credential] key_repository``. This will only be done if all