Re: [OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

Darragh Bailey writes: > On 22 March 2017 at 15:02, James E. Blair wrote: > >> Ian Cordasco writes: >> >> > >> > I suppose Barbican doesn't meet those requirements either, then, yes? >> >> Right -- we don't want to require

Re: [OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

On 22 March 2017 at 15:02, James E. Blair wrote: > Ian Cordasco writes: > > > > > I suppose Barbican doesn't meet those requirements either, then, yes? > > Right -- we don't want to require another service or tie Zuul to an > authn/authz system for a

Re: [OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

Ian Cordasco writes: > On Tue, Mar 21, 2017 at 6:10 PM, James E. Blair wrote: >> We did talk about some other options, though unfortunately it doesn't >> look like a lot of that made it into the spec reviews. Among them, it's >> probably worth

Re: [OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

On Tue, Mar 21, 2017 at 6:10 PM, James E. Blair wrote: > David Moreau Simard writes: > >> I don't have a horse in this race or a strong opinion on the topic, in >> fact I'm admittedly not very knowledgeable when it comes to low-level >> encryption things. >>

Re: [OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

David Moreau Simard writes: > I don't have a horse in this race or a strong opinion on the topic, in > fact I'm admittedly not very knowledgeable when it comes to low-level > encryption things. > > However, I did have a question, even if just to generate discussion. > Did we

Re: [OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

I don't have a horse in this race or a strong opinion on the topic, in fact I'm admittedly not very knowledgeable when it comes to low-level encryption things. However, I did have a question, even if just to generate discussion. Did we ever consider simply leaving secrets out of Zuul and