[openstack-dev] [Keystone][Oslo] Future of Key Distribution Server, Trusted Messaging

Clint Byrum clint at fewbar.com
Sun Dec 1 05:49:02 UTC 2013

Excerpts from Adam Young's message of 2013-11-25 20:25:50 -0800:
> Back in the Day, Barbican was just one Service of Cloud Keep.  While I 
> would say that KDS belongs in the Cloud Keep, it is not the same as, and 
> should not be deployed with Barbican.  Is it possible to keep them as 
> separate services?  I think that is the right way to go.  Barbican is 
> for the  end users of Cloud, but KDS is not.  Does this make sense?

They're doing the same fundamental thing for two different sets of users
with two overlapping use cases. Why would we implement two KDS services
for this?

I also don't like that the discussions suggested that because it would
be hard to get Barbican incubated/integrated it should not be used. That
is just crazy talk. TripleO merged with Tuskar because Tuskar is part of

Seems to me that pulling Barbican into the identity _program_, but still
as its own project/repo/etc. would solve that problem.

More information about the OpenStack-dev mailing list