[openstack-dev] [all] [barbican] [security] Why are projects trying to avoid Barbican, still?
Chris Friesen
chris.friesen at windriver.com
Mon Jan 16 17:25:16 UTC 2017
On 01/16/2017 10:31 AM, Rob C wrote:
> I think the main point has already been hit on, developers don't want to
> require that Barbican be deployed in order for their service to be
> used.
I think that this is a perfectly reasonable stance for developers to take. As
long as Barbican is an optional component, then making your service depend on it
has a good chance of limiting your potential install base.
Given that, it seems like the ideal model from a security perspective would be
to use Barbican if it's available at runtime, otherwise use something else...but
that has development and maintenance costs.
Chris
More information about the OpenStack-dev
mailing list