+1 to a stand alone library for this.
1) We would have to maintain rationale versioning and backwards compatibility
of this library. If we start library from scratch we'll have to add/change lots
of stuff before we'll reach some stability period.
I don’t think this is a hard problem to solve.
I agree with Stefano. Migrating the entire community to a new service
would be incredibly painful. It seems the pain of moving is not justified
if we don’t know for a fact that OFTC would be more resilient to DDoS
attacks.
-1 to the switch as well.
-Doug Mendizabal
On 3/4/14, 2:48 PM,
/0800PM_24_Mar_2014_in_UTC/CDT/EDT/PDT?Barbican_Weekly_Meeting
if you need to figure out what 20:00 UTC means in your time.
-Douglas Mendizabal
smime.p7s
Description: S/MIME cryptographic signature
___
OpenStack-dev mailing list
OpenStack-dev
Yes, this is exactly the use case we’re trying to address with Barbican. I
think this is something that definitely belongs in Barbican, especially
now that we are an incubated project. We’d love to help out with any
integration questions you may have.
-Doug Mendizabal
On 3/25/14, 12:49 PM, Jay
/0800PM_31_Mar_2014_in_UTC/CDT/EDT/PDT?Barbican_Weekly_Meeting
if you need to figure out what 20:00 UTC means in your time.
-Douglas Mendizabal
smime.p7s
Description: S/MIME cryptographic signature
___
OpenStack-dev mailing list
OpenStack-dev
/0800PM_7_Apr_2014_in_UTC/CDT/EDT/PDT?Barbican_Weekly_Meeting
if you need to figure out what 20:00 UTC means in your time.
-Douglas Mendizabal
smime.p7s
Description: S/MIME cryptographic signature
___
OpenStack-dev mailing list
OpenStack-dev
I agree that this is concerning. And that what's concerning isn't so
much that the project did something different, but rather that choice
was apparently made because the project thought it was perfectly fine
for them to ignore what other OpenStack projects do and go off and do
its own thing.
Hi Doug,
Barbican does guarantee the integrity and availability of the secret,
unless the owner of the secret deletes it from Barbican. We’re not
encouraging that you store a shadow-copy of the secret either. This was
proposed by the LBaaS team as a possible workaround for your use case.
Our
Hi Everyone,
The Barbican team is hosting our weekly meeting today, Monday June 16nd, at
20:00 UTC in #openstack-meeting-alt
Meeting agenda is available here
https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed
to add agenda items.
You can check this link
Hi Everyone,
Just wanted to send a reminder that the Barbican Juno meetup is coming up in
a few weeks. We’ll be meeting at the new Geekdom location in San Antonio,
TX on July 7-9 (Monday-Wednesday). This meetup will overlap with the
Keystone Juno Hackathon being held July 9-11 at the same
, please be sure to RSVP if you’re planning on coming, so that we can
plan accordingly.
RSVP [
https://docs.google.com/forms/d/1iao7mEN6HV3CRCRuCPhxOaF4_tJ-Kqq4_Lli1quft58
/viewform?usp=send_form ]
Thanks,
Doug Mendizábal
IRC: redrobot
From: Douglas Mendizabal douglas.mendiza...@rackspace.com
Reply
I was looking through some Keystone docs and noticed that for version 3.0 of
their API [1] Keystone merged the Service and Admin API into a single core
API. I haven’t gone digging through mail archives, but I imagine they had a
pretty good reason to do that.
Adam, I know you’ve already
All,
As part of our ongoing mid-cycle meetup, the Barbican team was able to merge
the plugin restructuring CR [1]. This is a pretty big change that will
likely cause merge conflicts for most pending CRs. So, if you’re waiting on
reviews for Barbican change requests, please take some time to
Hi Everyone,
I would also like to nominate Nathan Reller for the barbican-core team.
Nathan has been involved with the Key Management effort since early 2013.
Recently, Nate has been driving the development of a KMIP backend for
Barbican, which will enable Barbican to be used with KMIP devices.
Hi Everyone,
The Barbican team is hosting our weekly meeting today, Monday June 14, at
20:00 UTC in #openstack-meeting-alt
Meeting agenda is available here
https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed
to add agenda items.
You can check this link
The Barbican development team would like to announce the release of
python-barbicanclient version 2.2.1
python-barbicanclient is a client library for the Barbican Key Management
Service. It provides a Python API (barbicanclient module) and a
command-line tool (barbican).
This release can be
Hi everybody!
It is my pleasure to announce the final release of Barbican for Icehouse
2014.1
Information on the milestone and its associated tar ball are available at:
https://launchpad.net/barbican/icehouse/icehouse
Many thanks to all the contributors who made this first incubated milestone
] Barbican 2014.1 (Icehouse) is
released
Hi Douglas,
could you please point to the project docs?
Thanks,
Eugene.
On Thu, Apr 17, 2014 at 1:48 AM, Douglas Mendizabal
douglas.mendiza...@rackspace.com wrote:
Hi everybody!
It is my pleasure to announce the final release of Barbican for Icehouse
Hi Everyone,
The Barbican team is hosting our weekly meeting today, Monday April 21, at
20:00 UTC in #openstack-meeting-alt
Meeting agenda is avaialbe here
https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed
to add agenda items
You can check this link
Hi Everyone,
The Barbican team is hosting our weekly meeting today, Monday April 28, at
20:00 UTC in #openstack-meeting-alt
Meeting agenda is avaialbe here
https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed
to add agenda items
You can check this link
Hi Michael,
There’s quite a few Barbican devs here at the summit. We’ll be hanging out
at the Barbican table in room B204 tomorrow if you want to drop in and chat.
You can also ping us on #openstack-barbican on freenode.
- Douglas Mendizábal
IRC: redrobot
From: Michael Dorman
Hi Everyone,
The Barbican team is hosting our weekly meeting today, Monday June 2nd, at
20:00 UTC in #openstack-meeting-alt
Meeting agenda is available here
https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed
to add agenda items.
You can check this link
Hi all,
I’m strongly in favor of having immutable TLS-typed containers, and very
much opposed to storing every revision of changes done to a container. I
think that storing versioned containers would add too much complexity to
Barbican, where immutable containers would work well.
I’m still not
I understand how this could be helpful, but I still don’t understand why
this is Barbican’s problem to solve.
From Jorge’s original email:
Using this method requires services, such as LBaaS, to register in
the form of metadata to a barbican container.
If our assumptions are that the GUI can
I think that having Barbican decide whether the user is or isn’t allowed to
delete a secret that they own based on a reference count that is not
directly controlled by them is unacceptable. This is indeed policy
enforcement, and we’d rather not go down that path.
I’m opposed to the idea of
Hi OpenStack-dev,
I would like to put my name in the hat for PTL of the Key Management Service
Program, which includes Barbican, python-barbicanclient, Kite, and
python-kiteclient.
I’ve had the pleasure of being a part of the Barbican team since the very
beginning of the project. During the
Hi All,
The Barbican team is proud to announce the final release of the Barbican Key
Management Service for Juno:
https://launchpad.net/barbican/juno/2014.2
This release includes 9 Blueprints and 47 bug fixes. Check the link above
for the full details. Many thanks to all the contributors who
+1
Douglas Mendizábal
IRC: redrobot
PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C
From: Chad Lung chad.l...@gmail.com
Reply-To: OpenStack Development Mailing List (not for usage questions)
openstack-dev@lists.openstack.org
Date: Wednesday, November 5, 2014 at
Hi All,
I would like to nominate Juan Antonio Osorio Robles to the barbican-core
team.
Juan has been consistently giving us very well thought out and constructive
reviews for Barbican, python-barbicanclient and barbican-specs. It’s
obvious from his reviews that he cares deeply for the quality
://eavesdrop.openstack.org/meetings/barbican/2014/barbican.2014-11-10-2
0.00.log.html
Douglas Mendizábal
IRC: redrobot
PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C
On 11/7/14, 1:03 PM, Ade Lee a...@redhat.com wrote:
+1 for me.
On Wed, 2014-11-05 at 15:53 +, Douglas
Hi all,
As discussed during the Barbican Weekly Meeting today [1], after 5 days of
lazy consensus the nomination for Steve Heyman has been approved with six
+1 votes, so we would like to welcome Steve to the barbican-core team.
Thanks,
Doug Mendizábal
[1]
I think it would also be interesting to hear for the Keystone folks that
are interested in attending OSSG and/or Barbican. A few people have told
me they found the Keystone/Barbican overlap for the last mid-cycle to be
helpful, so it might be worthwhile doing again.
-Doug M.
Hi openstack-dev,
The Barbican team is planning to have a mid-cycle sprint in Austin, TX on
February 16-18, 2015. We’ll be meeting at Capital Factory, a co-working space
in downtown Austin.
For more details and RSVP, please see:
https://wiki.openstack.org/wiki/Sprints/BarbicanKiloSprint
Hi openstack-dev@,
The barbican team would like to retire the 2.x branch of python-barbicanclient
in favor of the 3.x branch:
https://review.openstack.org/#/c/146231/
The 3.x branch of python-barbicanclient represents a major improvement of the
Barbican client. The main breaking change
Hi API WG,
I’m curious about something that came up during a bug discussion in one of the
Barbican weekly meetings. The question is about optional properties in an
entity. e.g. We have a Secret entity that has some properties that are
optional, such as the Secret’s name. We were split on
Hi openstack-dev,
The barbican team would like to announce the release of python-barbicanclient
3.0.2. This is a minor release that fixes a bug in the pbr versioning that was
preventing the client from working correctly.
The release is available on PyPI
://review.openstack.org/#/c/150645/
Douglas Mendizábal
IRC: redrobot
PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C
On Jan 27, 2015, at 7:22 PM, Sean Dague s...@dague.net wrote:
On 01/27/2015 05:21 PM, Sean Dague wrote:
On 01/27/2015 03:55 PM, Douglas
Hi openstack-dev!
I just wanted to send a reminder that the Barbican mid-cycle Sprint will be
taking place on February 16-18 in Austin, TX, which is just five weeks away.
There’ll be an overlap of a couple of days with the OSSG Mid-Cycle Sprint,
which will hopefully give us a chance to
HI Asha,
It looks like your curl command is malformed, which is why you’re getting all
the curl errors. You need to quote the entirety of the payload, like so:
curl -X POST -H 'content-type:application/json' -H 'X-Project-Id: 12345' -d '{
name: container1 ,type: rsa,secret_refs: [ { name:
Hello again Asha,
Yes, the predefined secret names in an RSA container should match up with
secret refs for those actual things. “private_key” should point to the private
key of the RSA pair, “public_key” should point to the matching public key.
private_key_passphrase is optional, and it is
Thanks for the insight, other Doug. :) It appears that this is in part due to
the fact that Tempest has not yet updated to oslo_log and is still using
incubator oslo.log. Can someone from the Tempest team chime in on what the
status of migrating to oslo_log is?
It’s imperative for us to fix
Hi Asha,
Barbican Orders of type “key” are intended to generate keys suitable for
encryption. The metadata associated with the key order defines the encryption
scheme in which the key will be used. In the example you provided, the order
is requesting a key that is suitable for use in a block
The Barbican Project Team would like to announce the release of
python-barbicanclient 3.0.3.
The release is available via PyPI
* https://pypi.python.org/pypi/python-barbicanclient
https://pypi.python.org/pypi/python-barbicanclient
For detailed release notes, please visit the milestone page in
On Jan 29, 2015, at 1:19 PM, Doug Hellmann d...@doughellmann.com wrote:
On Thu, Jan 29, 2015, at 01:31 PM, Joe Gordon wrote:
On Thu, Jan 29, 2015 at 9:52 AM, Sean Dague s...@dague.net wrote:
So, honestly, yes.
For a library to release safely it must:
* have stable-compat jobs
: application/json” and you should see the correct
responses.
Thanks,
- Douglas Mendizabal
[1] https://www.python.org/dev/peps/pep-/
[2]
http://git.openstack.org/cgit/openstack/barbican/tree/barbican/api/app.py#n74
[3] http://uwsgi-docs.readthedocs.org/en/latest/
[4] https://code.google.com/p
**kwargs would start seeing TypeErrors for unexpected
arguments.
Thanks,
Douglas Mendizabal
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org
The Barbican will probably only need 2 fishbowls, so we wouldn’t mind
donating the third one to OSSG.
-Doug Mendizabal
On 4/10/15, 4:46 AM, Clark, Robert Graham robert.cl...@hp.com wrote:
On 10/04/2015 10:37, Thierry Carrez thie...@openstack.org wrote:
Hi PTLs,
Here is the proposed slot
.
Thanks,
-Douglas Mendizabal
Douglas Mendizábal
IRC: redrobot
PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C
signature.asc
Description: Message signed with OpenPGP using GPGMail
__
OpenStack
The Barbican Team also has a plan to release a new version of barbican client
for Kilo. The planned version is 3.1.0. [1] and it will include features
landed during FFE.
Thanks,
-Douglas Mendizabal
[1] https://launchpad.net/python-barbicanclient/+milestone/3.1.0
https://launchpad.net/python
Does anyone monitor speakersupp...@openstack.org
mailto:speakersupp...@openstack.org? I’ve been waiting for a reply for a few
days now.
Thanks,
- Doug Mendizábal
signature.asc
Description: Message signed with OpenPGP using GPGMail
One of my goals for Barbican for this cycle is to migrate our code to use
pyca/cryptography exclusively. We currently depend on both because at one
point we needed things that were not available in early releases of
cryptography.
- Douglas Mendizábal (redrobot)
> On Mar 8, 2017, at 1:11 PM,
+1
The new time slot would definitely make it much easier for me to attend
than the current one.
- Douglas Mendizábal
On Thu, 2018-06-14 at 16:30 -0400, Ade Lee wrote:
> The new time slot has been pretty difficult for folks to attend.
> I'd like to propose a new time slot, which will hopefully
Replying inline.
On Wed, 2018-06-27 at 16:39 -0400, Zane Bitter wrote:
> We're looking at using Barbican to implement a feature in Heat[1]
> and
> ran into some questions about how secrets are identified in the
> client.
>
> With most openstack clients, resources are identified by a UUID. You
Hi openstack-dev@,
During the weekly meeting today the topic of moving the weekly meeting
forward by an hour to adjust for US Daylight Savings Time ending was
brought up. All contributors in attendance unanimously voted for the
move. [1]
If you would like to participate in the meetings and
54 matches
Mail list logo