Red Hat Security Advisory 2014-1784-01 – Python-keystoneclient is a client library and a command line utility for interacting with the OpenStack Identity API. It was found that Python-keystoneclient treated all settings in paste.ini files as string types. If the “insecure” option were set to any value in a paste.ini configuration file, it would be evaluated as true, resulting in TLS connections being vulnerable to man-in-the-middle attacks. Note that when the “insecure” option was not set in paste.ini, it evaluated to false, and verification was performed.