On Tue, Mar 24, 2015 at 08:36:28AM -0700, Adam Williamson wrote:
I'm wondering if those products/spins intending to set a policy weaker than the default could all agree on the same one, so there'd only be at most two policies to care about (and if all products/spins overrode the upstream default, there'd only be one).
I won't speak for everyone, but I *think* the general cloud attitude here is to use private/public keys and certificate-based auth instead of passwords in any case.