Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-04 Thread Russell Bryant
On 09/03/2013 09:27 PM, Bryan D. Payne wrote: How can someone use your code without a key manager? Some key management mechanism is required although it could be simplistic. For example, we’ve tested our code internally with an implementation of the key

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-04 Thread Coffman, Joel M.
Development Mailing List Subject: Re: [openstack-dev] [nova] key management and Cinder volume encryption External dependencies are fine, obviously. The difference is whether we actually have code to interface with those external dependencies. We have code to talk to databases and message queues

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Joe Gordon
On Tue, Sep 3, 2013 at 4:38 PM, Coffman, Joel M. joel.coff...@jhuapl.edu wrote: We have fully implemented support for transparently encrypting Cinder volumes <https://blueprints.launchpad.net/nova/+spec/encrypt-cinder-volumes> from within Nova (see https://review.openstack.org/#/c/30976/), but

[openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Coffman, Joel M.
We have fully implemented support for transparently encrypting Cinder volumes <https://blueprints.launchpad.net/nova/+spec/encrypt-cinder-volumes> from within Nova (see https://review.openstack.org/#/c/30976/), but the lack of a secure key manager within OpenStack currently precludes us from

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Joe Gordon
.html [3] http://lists.openstack.org/pipermail/openstack-dev/2013-April/008268.html From: Joe Gordon [mailto:joe.gord...@gmail.com] Sent: Tuesday, September 03, 2013 4:48 PM To: OpenStack Development Mailing List Subject: Re: [openstack-dev] [nova] key

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Bhandaru, Malini K
Subject: Re: [openstack-dev] [nova] key management and Cinder volume encryption On Tue, Sep 3, 2013 at 5:41 PM, Coffman, Joel M. joel.coff...@jhuapl.edu wrote: How can someone use your code without a key manager? Some key management mechanism is required

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Russell Bryant
On 09/03/2013 05:41 PM, Coffman, Joel M. wrote: How can someone use your code without a key manager? Some key management mechanism is required although it could be simplistic. For example, we’ve tested our code internally with an implementation of the key manager interface that returns a

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Russell Bryant
On 09/03/2013 06:26 PM, Bhandaru, Malini K wrote: The issue here is the key manager, barbican, under development is in incubation. Folks can download and use barbican. The barbican team has worked diligently to produce the system. In fact, folks can download and use and vote for Joel's

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Bryan D. Payne
How can someone use your code without a key manager? Some key management mechanism is required although it could be simplistic. For example, we’ve tested our code internally with an implementation of the key manager interface that returns a single, constant key. That works for

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread John Griffith
On Tue, Sep 3, 2013 at 7:27 PM, Bryan D. Payne bdpa...@acm.org wrote: How can someone use your code without a key manager? Some key management mechanism is required although it could be simplistic. For example, we’ve tested our code internally with an implementation of the key

Re: [openstack-dev] [nova] key management and Cinder volume encryption

2013-09-03 Thread Joe Gordon
On Tue, Sep 3, 2013 at 6:44 PM, John Griffith john.griff...@solidfire.com wrote: On Tue, Sep 3, 2013 at 7:27 PM, Bryan D. Payne bdpa...@acm.org wrote: How can someone use your code without a key manager? Some key management mechanism is required although it could be simplistic.