On 31-05-17 20:06:01, Farr, Kaitlin M. wrote:
>> IMHO for now we are better off storing a secret passphrase in Barbican
>> for use with these encrypted volumes, would there be any objections to
>> this? Are there actual plans to use a symmetric key stored in Barbican
>> to directly encrypt and
Lee, a few thoughts on your previous email. Many of the details I think you
already know, but I'm clarifying for posterity's sake:
> However the only supported disk encryption formats on the front-end at
> present are plain (dm-crypt) and LUKS, neither of which use the supplied
> key
On 26-05-17 17:25:15, Duncan Thomas wrote:
> On 25 May 2017 12:33 pm, "Lee Yarwood" wrote:
>
> On 25-05-17 11:38:44, Duncan Thomas wrote:
> > On 25 May 2017 at 11:00, Lee Yarwood wrote:
> > > This has also reminded me that the plain (dm-crypt) format
On 25 May 2017 12:33 pm, "Lee Yarwood" wrote:
On 25-05-17 11:38:44, Duncan Thomas wrote:
> On 25 May 2017 at 11:00, Lee Yarwood wrote:
> > This has also reminded me that the plain (dm-crypt) format really needs
> > to be deprecated this cycle. I posted
On 25-05-17 11:00:26, Lee Yarwood wrote:
> Hello all,
>
> I'm currently working on enabling QEMU's native LUKS support within Nova
> [1]. While testing this work with Barbican I noticed that Cinder is
> creating symmetric keys for use with encrypted volumes :
>
>
On 25-05-17 11:38:44, Duncan Thomas wrote:
> On 25 May 2017 at 11:00, Lee Yarwood wrote:
> > This has also reminded me that the plain (dm-crypt) format really needs
> > to be deprecated this cycle. I posted to the dev and ops ML [2] last
> > year about this but received no
On Thu, May 25, 2017 at 11:38:44AM +0100, Duncan Thomas wrote:
> On 25 May 2017 at 11:00, Lee Yarwood wrote:
> > This has also reminded me that the plain (dm-crypt) format really needs
> > to be deprecated this cycle. I posted to the dev and ops ML [2] last
> > year about
On 25 May 2017 at 11:00, Lee Yarwood wrote:
> This has also reminded me that the plain (dm-crypt) format really needs
> to be deprecated this cycle. I posted to the dev and ops ML [2] last
> year about this but received no feedback. Assuming there are no last
> minute
Hello all,
I'm currently working on enabling QEMU's native LUKS support within Nova
[1]. While testing this work with Barbican I noticed that Cinder is
creating symmetric keys for use with encrypted volumes :