Kamesh Pemmaraju, profile picture
Uploaded byKamesh Pemmaraju
5,690 views

Openstack Keystone

The document summarizes a presentation about the Keystone identity management service in Openstack. The presentation covered an overview of Keystone, its code layout and domain model, how it uses tokens for authentication and authorization, supported backends for persistence, and upcoming features like API version 3 and expanded support for domains, policies, and PKI signed tokens. The presentation concluded with links to more information on Keystone and its roadmap.

Embed presentation

Downloaded 331 times
Openstack Keystone: Deep Dive & Coming Attractions Adam Young Senior Software Engineer, Cloud Red Hat July 24th, 2012 1 Presenter: Adam Young
Agenda ● Overview ● Code Layout ● Tokens ● Folsom Blueprints 2 Presenter: Adam Young
Openstack Overview 3 Presenter: Adam Young
Keystone: Identity Management Server 4 Presenter: Adam Young
Keystone Domain Model 5 Presenter: Adam Young
Code Layout 6 Presenter: Adam Young
WSGI Mapping 7 Presenter: Adam Young
Contrib ● Authorization Mechanism ● EC2 -> Token ● S3 -> Token ● Swift ● CRUD ● Admin ● Services ● Endpoints ● Roles ● User: ● Change Password 8 Presenter: Adam Young
Persistence Backends ● KVS: Key Value Store ● In Memory ● Memcached ● SQL ● SQLite and MySQL ● PostGRES WIP ● LDAP ● Identity only ● Start for Active Directory 9 Presenter: Adam Young
Tokens ● UUID ● Stored in DB ● Verified Online ● Shared Secret 10 Presenter: Adam Young
Token: Request 11 Presenter: Adam Young
Token: Authenticated 12 Presenter: Adam Young
Token:Request for Service 13 Presenter: Adam Young
Token: Verification 14 Presenter: Adam Young
Token:Verified 15 Presenter: Adam Young
Token: Response from Service 16 Presenter: Adam Young
Auth Token Middleware 17 Presenter: Adam Young
EC2 Token Middleware 18 Presenter: Adam Young
Tokens: Pros and Cons ● Pros ● Instantly Revocable ● Small (ish) ● Cons ● Needs network to verify ● Keystone becomes chokepoint ● Is UUID Random Chattiest Part of Openstack 19 Presenter: Adam Young
Folsom Blueprints 20 Presenter: Adam Young
Keystone API V3 ● Emphasize URLS: fully Qualified Resource Location ● Rename Tenants back to Projects ● Clear associations between projects, users and credentials ● Policy implementation specific API ● Many Aspects Deferred ● Priority for Grizzly 21 Presenter: Adam Young
PKIS Signed Tokens: Implementation ● Cryptographically Signed Text ● Crypto Message Syntax (SMIME) ● Contents of “Verify” ● Signed with Keystone Private Key ● Verified using ● OpenSSL ● Public Certificate ● Can also be verified using HTTP 22 Presenter: Adam Young
PKI Signed Tokens: Crypto Commands ● Sign openssl cms -sign -in auth_token.json -nosmimecap -signer cert.pem -inkey key.pem -outform DER -nodetach -nocerts -noattr -out auth_token.signed ● Verify openssl cms -verify -in auth_token.signed -certfile cert.pem -out signedtext.txt -CAfile cacert.pem -inform DER 23 Presenter: Adam Young
Token: Online Verification 24 Presenter: Adam Young
Token: Offline Verification 25 Presenter: Adam Young
Domains: ● ayoung@stoughton Vs ayoung@canton ● Currently One implicit domain ● Grant access from one domain to a ten^H^H^H project in another domain ● Finer grained administration ● True Multiple Tenancy 26 Presenter: Adam Young
Policy/Role Based Access Control ● Replace “isAdmin” ● Currently in Nova ● Belongs in Keystone ● Register for service: ● Roles ● Capabilities ● Multiple Tenants and Roles ● Policy is in Keystone ● Enforcement is on the shoulders of Glance, Nova etc 27 Presenter: Adam Young
Links http://keystone.openstack.org/ https://blueprints.launchpad.net/keystone/ https://docs.google.com/document/d/1VP-bTBbwsn6q- rDzuS9CEKb2ubE1VjbWRFd4BkkjoOY/edit 28 Presenter: Adam Young
Image Attrbibutions ● http://www.flickr.com/photos/jronaldlee/5216040554/lightbox/ ● http://th07.deviantart.net/fs70/PRE/i/2010/098/7/2/Robot_Blueprints_01_by_jordanoth.jpg ● http://followinglesley.files.wordpress.com/2011/03/fake-ttc-tokens.jpg ● http://commons.wikimedia.org/wiki/File:Scroll_Bridge_Keystone_-_geograph.org.uk_-_1299995.jpg ● http://commons.wikimedia.org/wiki/File:Keystone_Grange_of_Barry_bridge_-_geograph.org.uk_-_395082.jpg ● http://xkcd.com/378/ ● http://fc00.deviantart.net/fs51/f/2009/322/1/7/signed__sealed____by_kat013.jpg ● http://th01.deviantart.net/fs71/PRE/f/2012/090/2/a/alnwick_castle_by_newcastlemale-d4uie0a.jpg ● http://3.bp.blogspot.com/_V4w18ZWaPas/TN3LvAzfGEI/AAAAAAAAG_Y/YgnCvp9Na08/s1600/Fake-TTC-Tokens.jpg ● http://en.wikipedia.org/wiki/File:Doorman.JPG 29 Presenter: Adam Young

More Related Content

PPTX
OpenStack Keystone
byDeepti Ramakrishna
 
PPTX
OpenStack Toronto Meetup - Keystone 101
bySteve Martinelli
 
ODP
OpenStack keystone identity service
byopenstackindia
 
PDF
Keystone deep dive 1
byJsonr4
 
PPTX
OpenStack GDL : Hacking keystone | 20 Octubre 2014
byVictor Morales
 
PDF
Istio (service mesh) why and how
byMilan Das
 
PDF
Inside Architecture of Neutron
bymarkmcclain
 
PDF
Keystone Federation
byopenstackindia
 
OpenStack Keystone
byDeepti Ramakrishna
 
OpenStack Toronto Meetup - Keystone 101
bySteve Martinelli
 
OpenStack keystone identity service
byopenstackindia
 
Keystone deep dive 1
byJsonr4
 
OpenStack GDL : Hacking keystone | 20 Octubre 2014
byVictor Morales
 
Istio (service mesh) why and how
byMilan Das
 
Inside Architecture of Neutron
bymarkmcclain
 
Keystone Federation
byopenstackindia
 

What's hot

PPTX
OpenStack Neutron Reverse Engineered
byopenstackindia
 
PPTX
Xplore Group - Flashtalk (Fabric8, Neo4j, GraphQL, OpenID Connect)
byDries Elliott
 
PDF
Securing your Pulsar Cluster with Vault_Chris Kellogg
byStreamNative
 
PPTX
Microservices with Node.js and Apache Cassandra
byJorge Bay Gondra
 
PPTX
Multi tenancy for docker
byAnanth Padmanabhan
 
PPTX
OpenStack Introduction
byopenstackindia
 
PPTX
Service Discovery In Kubernetes
byKnoldus Inc.
 
PDF
Openstack 101
byKamesh Pemmaraju
 
PPTX
Architecting for Microservices Part 2
byElana Krasner
 
PDF
WSO2 Enterprise Service Bus - Product Overview
byWSO2
 
ODP
Introducing OpenStack for Beginners
byopenstackindia
 
PDF
GWT Enterprise Edition
byGilad Garon
 
PDF
Introduction to OpenStack : Barcamp Bangkhen 2016
byOpsta
 
PDF
Docker+java
byDPC Consulting Ltd
 
PPTX
JWTs and JOSE in a flash
byEvan J Johnson (Not a CISSP)
 
PPTX
OpenStack Glance
byopenstackstl
 
PDF
Openstack architecture for the enterprise (Openstack Ireland Meet-up)
byKeith Tobin
 
PPTX
Neutron VEB Plugin
byBIM
 
PDF
Bridges and Tunnels a Drive Through OpenStack Networking
bymarkmcclain
 
PPTX
Confluent Platform Security Components
byconfluent
 
OpenStack Neutron Reverse Engineered
byopenstackindia
 
Xplore Group - Flashtalk (Fabric8, Neo4j, GraphQL, OpenID Connect)
byDries Elliott
 
Securing your Pulsar Cluster with Vault_Chris Kellogg
byStreamNative
 
Microservices with Node.js and Apache Cassandra
byJorge Bay Gondra
 
Multi tenancy for docker
byAnanth Padmanabhan
 
OpenStack Introduction
byopenstackindia
 
Service Discovery In Kubernetes
byKnoldus Inc.
 
Openstack 101
byKamesh Pemmaraju
 
Architecting for Microservices Part 2
byElana Krasner
 
WSO2 Enterprise Service Bus - Product Overview
byWSO2
 
Introducing OpenStack for Beginners
byopenstackindia
 
GWT Enterprise Edition
byGilad Garon
 
Introduction to OpenStack : Barcamp Bangkhen 2016
byOpsta
 
Docker+java
byDPC Consulting Ltd
 
JWTs and JOSE in a flash
byEvan J Johnson (Not a CISSP)
 
OpenStack Glance
byopenstackstl
 
Openstack architecture for the enterprise (Openstack Ireland Meet-up)
byKeith Tobin
 
Neutron VEB Plugin
byBIM
 
Bridges and Tunnels a Drive Through OpenStack Networking
bymarkmcclain
 
Confluent Platform Security Components
byconfluent
 

Viewers also liked

PPTX
openstack keystone
byYong Luo
 
PPTX
Keystone - Openstack Identity Service
byPrasad Mukhedkar
 
PDF
OpenStack keystone identity service
byopenstackindia
 
PDF
Deep dive into highly available open stack architecture openstack summit va...
byArthur Berezin
 
PPTX
Quick overview of Openstack architecture
byToni Ramirez
 
PPTX
OpenStack Architecture and Use Cases
byJalal Mostafa
 
PDF
OpenStack Architecture
byMirantis
 
openstack keystone
byYong Luo
 
Keystone - Openstack Identity Service
byPrasad Mukhedkar
 
OpenStack keystone identity service
byopenstackindia
 
Deep dive into highly available open stack architecture openstack summit va...
byArthur Berezin
 
Quick overview of Openstack architecture
byToni Ramirez
 
OpenStack Architecture and Use Cases
byJalal Mostafa
 
OpenStack Architecture
byMirantis
 

Similar to Openstack Keystone

PDF
Anil saldhana cloudidentitybestpractices
byAnil Saldanha
 
PDF
OpenStack Security
byopenstackindia
 
PDF
Digital Identity
byZendCon
 
PDF
New Trends in Web Security
byOliver Pfaff
 
PPTX
Codemash-2017
byKevin Cody
 
PPT
Shmoocon 2013 - OpenStack Security Brief
byopenfly
 
PPTX
Building IAM for OpenStack
bySteve Martinelli
 
PDF
Consumer Identity Management
bywebhostingguy
 
PPTX
IdM in Smart Applications on Virtual Infrastructure
byMohammad Faraji
 
PDF
UKC - Msc Project - Providing Moonshot access to OpenStack
byVincent Giersch
 
PDF
CIS 2015- Building IAM for OpenStack- Steve Martinelli
byCloudIDSummit
 
PDF
dna-identity-crisis-cloud-web
byRavi Venkat
 
PDF
Five Things You Gotta Know About Modern Identity
byMark Diodati
 
PDF
Protecting Your APIs Against Attack & Hijack
byCA API Management
 
KEY
Unity makes strength
byXavier Mertens
 
PDF
Gluecon oauth-03
byPaul Madsen
 
PDF
My private cloud overview
bydavidwchadwick
 
PDF
Tsunami of Technologies. Are we prepared?
bymsyukor
 
PDF
Meetup open stack_grizzly
byeNovance
 
PPTX
Making Sense of API Access Control
byCA API Management
 
Anil saldhana cloudidentitybestpractices
byAnil Saldanha
 
OpenStack Security
byopenstackindia
 
Digital Identity
byZendCon
 
New Trends in Web Security
byOliver Pfaff
 
Codemash-2017
byKevin Cody
 
Shmoocon 2013 - OpenStack Security Brief
byopenfly
 
Building IAM for OpenStack
bySteve Martinelli
 
Consumer Identity Management
bywebhostingguy
 
IdM in Smart Applications on Virtual Infrastructure
byMohammad Faraji
 
UKC - Msc Project - Providing Moonshot access to OpenStack
byVincent Giersch
 
CIS 2015- Building IAM for OpenStack- Steve Martinelli
byCloudIDSummit
 
dna-identity-crisis-cloud-web
byRavi Venkat
 
Five Things You Gotta Know About Modern Identity
byMark Diodati
 
Protecting Your APIs Against Attack & Hijack
byCA API Management
 
Unity makes strength
byXavier Mertens
 
Gluecon oauth-03
byPaul Madsen
 
My private cloud overview
bydavidwchadwick
 
Tsunami of Technologies. Are we prepared?
bymsyukor
 
Meetup open stack_grizzly
byeNovance
 
Making Sense of API Access Control
byCA API Management
 

More from Kamesh Pemmaraju

PPTX
kamesh Videos
byKamesh Pemmaraju
 
PDF
OpenStack networking - Neutron deep dive with PLUMgrid
byKamesh Pemmaraju
 
PDF
Mirantis OpenStack and Cumulus Linux Webinar
byKamesh Pemmaraju
 
PDF
Designing OpenStack Architectures
byKamesh Pemmaraju
 
PPTX
Open stack icehouse microsoftupdate
byKamesh Pemmaraju
 
PPTX
New Ceph capabilities and Reference Architectures
byKamesh Pemmaraju
 
PPTX
OpenStack and Ceph case study at the University of Alabama
byKamesh Pemmaraju
 
PDF
High Availability for OpenStack
byKamesh Pemmaraju
 
PDF
OpenStack 101 update
byKamesh Pemmaraju
 
PDF
Dell openstack cloud with inktank ceph – large scale customer deployment
byKamesh Pemmaraju
 
PDF
Whats new in neutron for open stack havana
byKamesh Pemmaraju
 
PDF
Postgres Plus Cloud Database on OpenStack
byKamesh Pemmaraju
 
PDF
Massachusetts Open Cloud Initiative
byKamesh Pemmaraju
 
PDF
Dell SUSE Cloud Solution, Powered by OpenStack
byKamesh Pemmaraju
 
PDF
Docker and OpenStack Boston Meetup
byKamesh Pemmaraju
 
PDF
Ceph and openstack at the boston meetup
byKamesh Pemmaraju
 
PDF
Solving Business Challenges with OpenStack
byKamesh Pemmaraju
 
PPTX
Software Defined Networking
byKamesh Pemmaraju
 
PDF
Open stack qa and tempest
byKamesh Pemmaraju
 
PDF
Wicked Easy Ceph Block Storage & OpenStack Deployment with Crowbar
byKamesh Pemmaraju
 
kamesh Videos
byKamesh Pemmaraju
 
OpenStack networking - Neutron deep dive with PLUMgrid
byKamesh Pemmaraju
 
Mirantis OpenStack and Cumulus Linux Webinar
byKamesh Pemmaraju
 
Designing OpenStack Architectures
byKamesh Pemmaraju
 
Open stack icehouse microsoftupdate
byKamesh Pemmaraju
 
New Ceph capabilities and Reference Architectures
byKamesh Pemmaraju
 
OpenStack and Ceph case study at the University of Alabama
byKamesh Pemmaraju
 
High Availability for OpenStack
byKamesh Pemmaraju
 
OpenStack 101 update
byKamesh Pemmaraju
 
Dell openstack cloud with inktank ceph – large scale customer deployment
byKamesh Pemmaraju
 
Whats new in neutron for open stack havana
byKamesh Pemmaraju
 
Postgres Plus Cloud Database on OpenStack
byKamesh Pemmaraju
 
Massachusetts Open Cloud Initiative
byKamesh Pemmaraju
 
Dell SUSE Cloud Solution, Powered by OpenStack
byKamesh Pemmaraju
 
Docker and OpenStack Boston Meetup
byKamesh Pemmaraju
 
Ceph and openstack at the boston meetup
byKamesh Pemmaraju
 
Solving Business Challenges with OpenStack
byKamesh Pemmaraju
 
Software Defined Networking
byKamesh Pemmaraju
 
Open stack qa and tempest
byKamesh Pemmaraju
 
Wicked Easy Ceph Block Storage & OpenStack Deployment with Crowbar
byKamesh Pemmaraju
 

Recently uploaded

PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
December Patch Tuesday
byIvanti
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 

Openstack Keystone

  • 1.
    Openstack Keystone: Deep Dive & Coming Attractions Adam Young Senior Software Engineer, Cloud Red Hat July 24th, 2012 1 Presenter: Adam Young
  • 2.
    Agenda ● Overview ● Code Layout ● Tokens ● Folsom Blueprints 2 Presenter: Adam Young
  • 3.
    Openstack Overview 3 Presenter: Adam Young
  • 4.
    Keystone: Identity ManagementServer 4 Presenter: Adam Young
  • 5.
    Keystone Domain Model 5 Presenter: Adam Young
  • 6.
    Code Layout 6 Presenter: Adam Young
  • 7.
    WSGI Mapping 7 Presenter: Adam Young
  • 8.
    Contrib ● Authorization Mechanism ● EC2 -> Token ● S3 -> Token ● Swift ● CRUD ● Admin ● Services ● Endpoints ● Roles ● User: ● Change Password 8 Presenter: Adam Young
  • 9.
    Persistence Backends ● KVS: Key Value Store ● In Memory ● Memcached ● SQL ● SQLite and MySQL ● PostGRES WIP ● LDAP ● Identity only ● Start for Active Directory 9 Presenter: Adam Young
  • 10.
    Tokens ● UUID ● Stored in DB ● Verified Online ● Shared Secret 10 Presenter: Adam Young
  • 11.
    Token: Request 11 Presenter: Adam Young
  • 12.
    Token: Authenticated 12 Presenter: Adam Young
  • 13.
    Token:Request for Service 13 Presenter: Adam Young
  • 14.
    Token: Verification 14 Presenter: Adam Young
  • 15.
    Token:Verified 15 Presenter: Adam Young
  • 16.
    Token: Response fromService 16 Presenter: Adam Young
  • 17.
    Auth Token Middleware 17 Presenter: Adam Young
  • 18.
    EC2 Token Middleware 18 Presenter: Adam Young
  • 19.
    Tokens: Pros andCons ● Pros ● Instantly Revocable ● Small (ish) ● Cons ● Needs network to verify ● Keystone becomes chokepoint ● Is UUID Random Chattiest Part of Openstack 19 Presenter: Adam Young
  • 20.
    Folsom Blueprints 20 Presenter: Adam Young
  • 21.
    Keystone API V3 ● Emphasize URLS: fully Qualified Resource Location ● Rename Tenants back to Projects ● Clear associations between projects, users and credentials ● Policy implementation specific API ● Many Aspects Deferred ● Priority for Grizzly 21 Presenter: Adam Young
  • 22.
    PKIS Signed Tokens:Implementation ● Cryptographically Signed Text ● Crypto Message Syntax (SMIME) ● Contents of “Verify” ● Signed with Keystone Private Key ● Verified using ● OpenSSL ● Public Certificate ● Can also be verified using HTTP 22 Presenter: Adam Young
  • 23.
    PKI Signed Tokens:Crypto Commands ● Sign openssl cms -sign -in auth_token.json -nosmimecap -signer cert.pem -inkey key.pem -outform DER -nodetach -nocerts -noattr -out auth_token.signed ● Verify openssl cms -verify -in auth_token.signed -certfile cert.pem -out signedtext.txt -CAfile cacert.pem -inform DER 23 Presenter: Adam Young
  • 24.
    Token: Online Verification 24 Presenter: Adam Young
  • 25.
    Token: Offline Verification 25 Presenter: Adam Young
  • 26.
    Domains: ● ayoung@stoughton Vs ayoung@canton ● Currently One implicit domain ● Grant access from one domain to a ten^H^H^H project in another domain ● Finer grained administration ● True Multiple Tenancy 26 Presenter: Adam Young
  • 27.
    Policy/Role Based AccessControl ● Replace “isAdmin” ● Currently in Nova ● Belongs in Keystone ● Register for service: ● Roles ● Capabilities ● Multiple Tenants and Roles ● Policy is in Keystone ● Enforcement is on the shoulders of Glance, Nova etc 27 Presenter: Adam Young
  • 28.
    Links http://keystone.openstack.org/ https://blueprints.launchpad.net/keystone/ https://docs.google.com/document/d/1VP-bTBbwsn6q- rDzuS9CEKb2ubE1VjbWRFd4BkkjoOY/edit 28 Presenter: Adam Young
  • 29.
    Image Attrbibutions ● http://www.flickr.com/photos/jronaldlee/5216040554/lightbox/ ● http://th07.deviantart.net/fs70/PRE/i/2010/098/7/2/Robot_Blueprints_01_by_jordanoth.jpg ● http://followinglesley.files.wordpress.com/2011/03/fake-ttc-tokens.jpg ● http://commons.wikimedia.org/wiki/File:Scroll_Bridge_Keystone_-_geograph.org.uk_-_1299995.jpg ● http://commons.wikimedia.org/wiki/File:Keystone_Grange_of_Barry_bridge_-_geograph.org.uk_-_395082.jpg ● http://xkcd.com/378/ ● http://fc00.deviantart.net/fs51/f/2009/322/1/7/signed__sealed____by_kat013.jpg ● http://th01.deviantart.net/fs71/PRE/f/2012/090/2/a/alnwick_castle_by_newcastlemale-d4uie0a.jpg ● http://3.bp.blogspot.com/_V4w18ZWaPas/TN3LvAzfGEI/AAAAAAAAG_Y/YgnCvp9Na08/s1600/Fake-TTC-Tokens.jpg ● http://en.wikipedia.org/wiki/File:Doorman.JPG 29 Presenter: Adam Young