Open Stack

Barbican, key manager is essential to openstack, paves the way to greater security.
Instead of rejecting the project because of its current existence owed so heavily to Rackspace and to John Wood, why not we adopt it, code review, contribute code etc. We can have cores from multiple companies. Swift was a project that was born similarly.
During development John Wood and the whole Rackspace team has been open to feature design discussions and providing good code review.  

Intel plans to create a plugin for Barbican, along the lines of a low cost HSM, essentially using the Intel TXT and the Trusted Platform Module to save a master secret used to encrypt all the other secrets.
Our Intel team is small and some of us had other distractions in October and November, but we are back and may even grow in strength.

John, Jarret, and team, thank you for all the hard work.

Malini


-----Original Message-----
From: Jarret Raim [mailto:jarret.raim at RACKSPACE.COM] 
Sent: Tuesday, December 17, 2013 11:44 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] Incubation Request for Barbican

On 12/13/13, 4:50 AM, "Thierry Carrez" <thierry at openstack.org> wrote:


>If you remove Jenkins and attach Paul Kehrer, jqxin2006 (Michael Xin), 
>Arash Ghoreyshi, Chad Lung and Steven Gonzales to Rackspace, then the 
>picture is:
>
>67% of commits come from a single person (John Wood) 96% of commits 
>come from a single company (Rackspace)
>
>I think that's a bit brittle: if John Wood or Rackspace were to decide 
>to place their bets elsewhere, the project would probably die instantly.
>I would feel more comfortable if a single individual didn't author more 
>than 50% of the changes, and a single company didn't sponsor more than 
>80% of the changes.


I think these numbers somewhat miss the point. It is true that Rackspace is the primary sponsor of Barbican and that John Wood is the developer that has been on the project the longest. However, % of commits is not the only measure of contributions to the project. That number doesn¹t include the work on our chef-automation scripts or design work to figure out the HSM interfaces or work on the testing suite or writing our documentation or the million other tasks for the project.

Rackspace is committed to this project. If John Wood leaves, we¹ll hire additional developers to replace him. There is no risk of the project lacking resources because a single person decides to work on something else. 

We¹ve seen other folks from HP, RedHat, Nebula, etc. say that they are interested in contributing and we are getting outside contributions today.
That will only continue, but I think the risk of the project somehow collapsing is being overstated.

There are problems that aren¹t necessarily the sexiest things to work on, but need to be done. It may be hard to get a large number of people interested in such a project in a short period of time. I think it would be a mistake to reject projects that solve important problems just because the team is a bit one sided at the time.





Jarret