Re: [openstack-dev] Barbican : What is the difference between secret and order resource

2015-04-17 Thread Asha Seshagiri
Hi All, I would like to know if the keys generated by Barbican through the order resource are encrypted using KEKs and then stored in the secret object or are they stored in unencrypted format. Any help would be highly appreciated. root@barbican:~# curl -H 'Accept: application/json' -H

Re: [openstack-dev] Barbican : What is the difference between secret and order resource

2015-04-17 Thread Asha Seshagiri
Thanks a lot John for your response. I also thank everyone who has been responding to my queries if I have missed someone. There was some problem while configuring my email. I do not receive the email response directly from openstack Dev group. I would check the archive folder for that. I will

Re: [openstack-dev] Barbican : What is the difference between secret and order resource

2015-04-17 Thread John Wood
Hello Asha, So the last step you have is retrieving a decrypted secret from Barbican. Barbican indeed stores the secret internally encrypted using an internal KEK. When it is retrieved however, it is first decrypted by Barbican and then returned to the client decrypted. Beyond TLS to protect

Re: [openstack-dev] Barbican : What is the difference between secret and order resource

2015-04-17 Thread Asha Seshagiri
Thanks a lot John for your response. It has helped me. Thanks and Regards, Asha Seshagiri On Fri, Apr 17, 2015 at 2:28 PM, John Wood john.w...@rackspace.com wrote: Hello Asha, So the last step you have is retrieving a decrypted secret from Barbican. Barbican indeed stores the secret

[openstack-dev] Barbican : What is the difference between secret and order resource

2015-04-16 Thread Asha Seshagiri
Hi All, What is the difference between secret and the order resource? Where is the key stored that is used for encrypting the payload in the secret resource and how do we access it. According to my understanding, Storing/Posting the secret means we are encrypting the actual

Re: [openstack-dev] Barbican : What is the difference between secret and order resource

2015-04-16 Thread John Wood
Hello Asha, The /v1/secrets resource is used to upload, encrypt and store your secrets, and to decrypt and retrieve those secrets. Key encryption keys (KEKs) internal to Barbican are used to encrypt the secret. The /v1/orders resource is used when you want Barbican to generate secrets for