Comment 1 for bug 1174608

> and the default location for this directory is:
> signing_dir = /tmp/keystone-signing-nova

It is not, that happens to be default in Fedora's nova.conf
  http://pkgs.fedoraproject.org/cgit/openstack-nova.git/tree/nova.conf#n27

Default in authtoken middleware code (now located in python-keystoneclient) is ~/keystone-signing and normally homedir of the user account running the application (where authtoken m/w is inserted) should not be world-writable.