f Keystone team allows us to pursue the first option. If
>>>>> it is disallowed, I will suggest Magnum team to pursue
>>>>> other options.
>>>>>
>>>>> So, for the original question, does Keystone team allow us
>>>>> to store encrypted
f Keystone team
> >> allows us to pursue the first option. If it is disallowed, I will
> >> suggest Magnum team to pursue other options.
> >>
> >> So, for the original question, does Keystone team allow us to store
> >> encrypted data in Keystone? A
y implications of storing un-encrypted data). Would I
>> confirm if Keystone team agrees (or doesn’t disagree) with this
>> point of view?
>>
>>
>>
>> [1] https://etherpad.openstack.org/p/magnum-barbican-alternative
>>
>>
>>
>> Best regards,
&
team agrees (or doesn’t disagree) with this
> point of view?
>
>
>
> [1] https://etherpad.openstack.org/p/magnum-barbican-alternative
>
>
>
> Best regards,
>
> Hongbin
>
>
>
> *From:*Morgan Fainberg [mailto:morgan.fainb...@gmail.com] *Sent:*
> April-1
Excerpts from Clayton O'Neill's message of 2016-04-13 07:37:16 -0700:
> On Wed, Apr 13, 2016 at 10:26 AM, rezroo wrote:
> > Hi Kevin,
> >
> > I understand that this is how it is now. My question is how bad would it be
> > to wrap the Barbican client library calls in another class and claim, for
>
Excerpts from Douglas Mendizábal's message of 2016-04-13 10:01:21 -0700:
> Hash: SHA512
>
> Hi Reza,
>
> The Barbican team has already abstracted python-barbicanclient into a
> general purpose key-storage library called Castellan [1]
>
> There are a few OpenStack projects that have planned to in
he other services you've already had
>>> to deploy. Ive deployed both ha setups and barbican before. Ha
>>> is way worse.
>>>
>>> Thanks, Kevin
>>>
>>> *
>>>
>>> *
>>> --
Sent: Wednesday, April 13, 2016 7:37 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [magnum][keystone][all] Using Keystone
/v3/credentials to store TLS certificates
On Wed, Apr 13, 2016 at 10:26 AM, rezroo wrote:
> Hi Kevin,
>
> I understand that
On 04/12/2016 03:43 PM, Hongbin Lu wrote:
Hi all,
In short, some Magnum team members proposed to store TLS certificates
in Keystone credential store. As Magnum PTL, I want to get agreements
(or non-disagreement) from OpenStack community in general, Keystone
community in particular, before ap
-Original Message-
From: Lance Bragstad
Reply: OpenStack Development Mailing List (not for usage questions)
Date: April 13, 2016 at 10:24:18
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [magnum][keystone][all] Using Keystone
/v3
I think we need to ask who we are lowering the barrier of entry for. Are we
going down this path because we want developers to have less things to do
to stand up a development environment? Or do we want to make it easy for
people to realistically test? If you're going to realistically vet magnum,
w
-Original Message-
From: Clayton O'Neill
Reply: OpenStack Development Mailing List (not for usage questions)
Date: April 13, 2016 at 09:39:38
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [magnum][keystone][all] Using Keystone
: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [magnum][keystone][all] Using Keystone
/v3/credentials to store TLS certificates
On Tue, Apr 12, 2016 at 8:06 PM, Adrian Otto
mailto:adrian.o...@rackspace.com>> wrote:
Please don't miss the point h
On Wed, Apr 13, 2016 at 10:26 AM, rezroo wrote:
> Hi Kevin,
>
> I understand that this is how it is now. My question is how bad would it be
> to wrap the Barbican client library calls in another class and claim, for
> all practical purposes, that Magnum has no direct dependency on Barbican?
> What
--
*From:* Adrian Otto
*Sent:* Tuesday, April 12, 2016 8:06:03 PM
*To:* OpenStack Development Mailing List (not for usage questions)
*Subject:* Re: [openstack-dev] [magnum][keystone][all] Using Keystone
/v3/credentials to store TLS certificates
Please don't m
t: Tuesday, April 12, 2016 8:06:03 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [magnum][keystone][all] Using Keystone
/v3/credentials to store TLS certificates
Please don't miss the point here. We are seeking a solution that allows a
location
:* Adrian Otto
*Sent:* Tuesday, April 12, 2016 8:06:03 PM
*To:* OpenStack Development Mailing List (not for usage questions)
*Subject:* Re: [openstack-dev] [magnum][keystone][all] Using Keystone
/v3/credentials to store TLS certificates
Please don't miss the point here. We are seeking a solut
loyed both ha setups and barbican before. Ha is way worse.
Thanks,
Kevin
From: Adrian Otto
Sent: Tuesday, April 12, 2016 8:06:03 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [magnum][keystone][all] Using Key
On Tue, Apr 12, 2016 at 8:06 PM, Adrian Otto
wrote:
> Please don't miss the point here. We are seeking a solution that allows a
> location to place a client side encrypted blob of data (A TLS cert) that
> multiple magnum-conductor processes on different hosts can reach over the
> network.
>
> We
Please don't miss the point here. We are seeking a solution that allows a
location to place a client side encrypted blob of data (A TLS cert) that
multiple magnum-conductor processes on different hosts can reach over the
network.
We *already* support using Barbican for this purpose, as well as
On Tue, Apr 12, 2016 at 3:27 PM, Lance Bragstad wrote:
> Keystone's credential API pre-dates barbican. We started talking about
> having the credential API back to barbican after it was a thing. I'm not
> sure if any work has been done to move the credential API in this
> direction. From a securi
Keystone's credential API pre-dates barbican. We started talking about
having the credential API back to barbican after it was a thing. I'm not
sure if any work has been done to move the credential API in this
direction. From a security perspective, I think it would make sense for
keystone to back
Hi all,
In short, some Magnum team members proposed to store TLS certificates in
Keystone credential store. As Magnum PTL, I want to get agreements (or
non-disagreement) from OpenStack community in general, Keystone community in
particular, before approving the direction.
In details, Magnum le
23 matches
Mail list logo