Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-06-21 Thread Zane Bitter
On 20/06/18 17:59, Adam Harwell wrote: Looks like I missed this so I'm late to the party, but: Ade is technically correct, Octavia doesn't explicitly depend on Barbican, as we do support castellan generically. *HOWEVER*: we don't just store and retrieve our own secrets -- we rely on loading

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-06-21 Thread Jeremy Stanley
On 2018-06-20 16:59:30 -0500 (-0500), Adam Harwell wrote: > Looks like I missed this so I'm late to the party, but: > > Ade is technically correct, Octavia doesn't explicitly depend on Barbican, > as we do support castellan generically. > > *HOWEVER*: we don't just store and retrieve our own

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-06-20 Thread Adam Harwell
Looks like I missed this so I'm late to the party, but: Ade is technically correct, Octavia doesn't explicitly depend on Barbican, as we do support castellan generically. *HOWEVER*: we don't just store and retrieve our own secrets -- we rely on loading up user created secrets. This means that

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-06-20 Thread Jeremy Stanley
On 2018-06-06 01:29:49 + (+), Jeremy Stanley wrote: [...] > Seeing no further objections, I give you > https://review.openstack.org/572656 for the next step. That change merged just a few minutes ago, and

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-06-05 Thread Jeremy Stanley
On 2018-05-31 13:00:47 + (+), Jeremy Stanley wrote: > On 2018-05-31 10:33:51 +0200 (+0200), Thierry Carrez wrote: > > Ade Lee wrote: > > > [...] > > > So it seems that the two blockers above have been resolved. So is it > > > time to add a castellan compatible secret store to the base

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-31 Thread Jeremy Stanley
On 2018-05-31 10:33:51 +0200 (+0200), Thierry Carrez wrote: > Ade Lee wrote: > > [...] > > So it seems that the two blockers above have been resolved. So is it > > time to add a castellan compatible secret store to the base services? > > It's definitely time to start a discussion about it, at

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-31 Thread Thierry Carrez
Ade Lee wrote: [...] So it seems that the two blockers above have been resolved. So is it time to add a castellan compatible secret store to the base services? It's definitely time to start a discussion about it, at least :) Would you be interested in starting an ML thread about it? If not,

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-30 Thread Ade Lee
On Thu, 2018-05-17 at 10:33 +0200, Cédric Jeanneret wrote: > > On 05/17/2018 10:18 AM, Bogdan Dobrelya wrote: > > On 5/17/18 9:58 AM, Thierry Carrez wrote: > > > Jeremy Stanley wrote: > > > > [...] > > > > As a community, we're likely to continue to make imbalanced > > > > trade-offs against

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-30 Thread Ade Lee
On Thu, 2018-05-17 at 09:58 +0200, Thierry Carrez wrote: > Jeremy Stanley wrote: > > [...] > > As a community, we're likely to continue to make imbalanced > > trade-offs against relevant security features if we don't move > > forward and declare that some sort of standardized key storage > >

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-17 Thread Cédric Jeanneret
On 05/17/2018 10:18 AM, Bogdan Dobrelya wrote: > On 5/17/18 9:58 AM, Thierry Carrez wrote: >> Jeremy Stanley wrote: >>> [...] >>> As a community, we're likely to continue to make imbalanced >>> trade-offs against relevant security features if we don't move >>> forward and declare that some sort

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-17 Thread Bogdan Dobrelya
On 5/17/18 9:58 AM, Thierry Carrez wrote: Jeremy Stanley wrote: [...] As a community, we're likely to continue to make imbalanced trade-offs against relevant security features if we don't move forward and declare that some sort of standardized key storage solution is a fundamental component on

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services

2018-05-17 Thread Thierry Carrez
Jeremy Stanley wrote: [...] As a community, we're likely to continue to make imbalanced trade-offs against relevant security features if we don't move forward and declare that some sort of standardized key storage solution is a fundamental component on which OpenStack services can rely. Being

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services (was: Encrypted swift volumes by default in the undercloud)

2018-05-16 Thread Jeremy Stanley
On 2018-05-16 17:42:09 + (+), Jeremy Stanley wrote: [...] > Unfortunately, I'm unable to find any follow-up summary on the > mailing list from the aforementioned session, but recollection from > those who were present (I had a schedule conflict at that time) was > that a

Re: [openstack-dev] [tripleo] [barbican] [tc] key store in base services (was: Encrypted swift volumes by default in the undercloud)

2018-05-16 Thread Doug Hellmann
Excerpts from Jeremy Stanley's message of 2018-05-16 17:42:09 +: > On 2018-05-16 13:16:09 +0200 (+0200), Dmitry Tantsur wrote: > > On 05/15/2018 09:19 PM, Juan Antonio Osorio wrote: > > > As part of the work from the Security Squad, we added the > > > ability for the containerized undercloud

[openstack-dev] [tripleo] [barbican] [tc] key store in base services (was: Encrypted swift volumes by default in the undercloud)

2018-05-16 Thread Jeremy Stanley
On 2018-05-16 13:16:09 +0200 (+0200), Dmitry Tantsur wrote: > On 05/15/2018 09:19 PM, Juan Antonio Osorio wrote: > > As part of the work from the Security Squad, we added the > > ability for the containerized undercloud to encrypt the > > overcloud plans. This is done by enabling Swift's encrypted