[openstack-dev] [Neutron][LBaaS] SSL Termination write-up

Clint Byrum clint at fewbar.com
Tue Nov 19 16:33:42 UTC 2013


Excerpts from Vijay Venkatachalam's message of 2013-11-19 05:48:43 -0800:
> Hi Sam, Eugene, & Avishay, etal,
> 
> Today I spent some time to create a write-up for SSL Termination, not exactly a design doc. Please share your comments!
> 
> https://docs.google.com/document/d/1tFOrIa10lKr0xQyLVGsVfXr29NQBq2nYTvMkMJ_inbo/edit
> 
> Would like comments/discussion especially on the following note:
> 
> SSL Termination requires certificate management. The ideal way is to handle this via an independent IAM service. This would take time to implement, so the thought was to add the certificate details in the VIP resource and send them directly to the device. Basically, don't store the certificate key in the DB, thereby avoiding the security concerns of maintaining certificates in the controller.
> 
> I would expect the certificates to become an independent resource in future thereby causing backward compatibility issues.
> 

Perhaps Barbican can be leveraged for this; it seems that it was
specifically designed for this use case. Quoting from their README:

Design Goals

 1. Provide a central secret-store capable of distributing secret / keying material to all types of deployments including ephemeral Cloud instances.
 2. Support reasonable compliance regimes through reporting and auditability.
 3. Application adoption costs should be minimal or non-existent.
 4. Build a community and ecosystem by being open-source and extensible.
 5. Improve security through sane defaults and centralized management of policies for all secrets.
 6. Out of band communication mechanism to notify and protect sensitive assets.

https://github.com/stackforge/barbican
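As an added illustration of the design point in the quoted note (this is example code, not code from the thread, from Neutron LBaaS or from Barbican), the following Python sketch persists only secret-store references in the VIP record and resolves them when the configuration is pushed to the device, so a dump of the controller DB never contains key material. It also accepts the inline certificate form the write-up proposes and converts it to references, which is one way to keep today's API callers working if certificates later become a separate resource. The `SecretStore` and `RecordingDevice` classes, the href format and the PEM blobs are constructed stand-ins, not real APIs.

```python
import hashlib
import uuid

# Constructed placeholder PEM blobs; they are not real keys or certificates.
SAMPLE_CERT_PEM = "-----BEGIN CERTIFICATE-----\nEXAMPLE-CERT-BYTES\n-----END CERTIFICATE-----\n"
SAMPLE_KEY_PEM = "-----BEGIN PRIVATE KEY-----\nEXAMPLE-KEY-BYTES\n-----END PRIVATE KEY-----\n"


class SecretStore:
    """In-memory stand-in for a central secret store such as Barbican (stub)."""

    def __init__(self):
        self._secrets = {}

    def store(self, name, payload):
        # Hypothetical href format; a real store returns its own secret URL.
        href = "https://secret-store.invalid/v1/secrets/%s" % uuid.uuid4()
        self._secrets[href] = (name, payload)
        return href

    def get_payload(self, href):
        return self._secrets[href][1]


class RecordingDevice:
    """Stub load-balancer device driver that records what is pushed to it."""

    def __init__(self):
        self.pushed = []

    def configure_ssl(self, vip_id, cert_pem, key_pem):
        self.pushed.append((vip_id, cert_pem, key_pem))


def fingerprint(pem):
    """SHA-256 over the PEM text: safe to log and persist for auditing."""
    return hashlib.sha256(pem.encode()).hexdigest()


def register_vip(store, db, vip_id, ssl_spec):
    """Persist a VIP's SSL settings as references only.

    Accepts either the inline form {"certificate": ..., "private_key": ...}
    (the write-up's proposal) or the reference form {"certificate_ref": ...,
    "private_key_ref": ...}. Inline material is pushed into the secret store
    and only the returned references are written to the controller DB.
    """
    if "certificate_ref" in ssl_spec:
        cert_ref = ssl_spec["certificate_ref"]
        key_ref = ssl_spec["private_key_ref"]
        cert_fp = fingerprint(store.get_payload(cert_ref))
    else:
        cert_ref = store.store("%s-cert" % vip_id, ssl_spec["certificate"])
        key_ref = store.store("%s-key" % vip_id, ssl_spec["private_key"])
        cert_fp = fingerprint(ssl_spec["certificate"])
    record = {
        "vip_id": vip_id,
        "certificate_ref": cert_ref,
        "private_key_ref": key_ref,
        "certificate_fingerprint": cert_fp,  # identifies the cert without holding it
    }
    db[vip_id] = record
    return record


def push_vip(store, db, device, vip_id):
    """Resolve the references at push time and hand the material to the device.

    The PEM strings live only in local variables here; nothing is written
    back to the controller DB. Returns the fingerprint of the pushed cert.
    """
    record = db[vip_id]
    cert_pem = store.get_payload(record["certificate_ref"])
    key_pem = store.get_payload(record["private_key_ref"])
    device.configure_ssl(vip_id, cert_pem, key_pem)
    return fingerprint(cert_pem)


def db_holds_pem(db):
    """Audit helper: True if any persisted VIP field contains PEM armour."""
    return any("-----BEGIN" in str(value)
               for record in db.values() for value in record.values())
```

The fingerprint column is what the controller keeps for reporting: it lets an operator confirm which certificate a VIP is serving without the DB ever holding the certificate or key itself.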
