<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 255); font-size: 14px; font-family: Calibri, sans-serif;">
<div>Hello Asha,</div>
<div><br>
</div>
<div>The /v1/secrets resource is used to upload, encrypt and store your secrets, and to decrypt and retrieve those secrets. Key encryption keys (KEKs) internal to Barbican are used to encrypt the secret.</div>
<div><br>
</div>
<div>The /v1/orders resource is used when you want Barbican to generate secrets for you. When they are done they give you references to where the secrets are stored so you can retrieve them via the secrets resource above.</div>
<div><br>
</div>
<div>Hope that helps!</div>
<div><br>
</div>
<div>Thanks,</div>
<div>John</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:11pt; text-align:left; color:black; BORDER-BOTTOM: medium none; BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT: 0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; BORDER-RIGHT: medium none; PADDING-TOP: 3pt">
<span style="font-weight:bold">From: </span>Asha Seshagiri <<a href="mailto:asha.seshagiri@gmail.com">asha.seshagiri@gmail.com</a>><br>
<span style="font-weight:bold">Date: </span>Thursday, April 16, 2015 at 1:23 AM<br>
<span style="font-weight:bold">To: </span>openstack-dev <<a href="mailto:openstack-dev@lists.openstack.org">openstack-dev@lists.openstack.org</a>><br>
<span style="font-weight:bold">Cc: </span>John Wood <<a href="mailto:john.wood@rackspace.com">john.wood@rackspace.com</a>>, "Reller, Nathan S." <<a href="mailto:Nathan.Reller@jhuapl.edu">Nathan.Reller@jhuapl.edu</a>>, Douglas Mendizabal <<a href="mailto:douglas.mendizabal@RACKSPACE.COM">douglas.mendizabal@RACKSPACE.COM</a>>,
Paul Kehrer <<a href="mailto:paul.kehrer@RACKSPACE.COM">paul.kehrer@RACKSPACE.COM</a>>, Adam Harwell <<a href="mailto:adam.harwell@RACKSPACE.COM">adam.harwell@RACKSPACE.COM</a>>, Alexis Lee <<a href="mailto:alexisl@hp.com">alexisl@hp.com</a>><br>
<span style="font-weight:bold">Subject: </span>Barbican : What is the difference between secret and order resource<br>
</div>
<div><br>
</div>
<div>
<div>
<div dir="ltr">Hi All ,
<div><br>
</div>
<div>What is the difference between secret and the order resource ?</div>
<div>Where is the key stored that is used for encrypting the payload in the secret resource and how do we access it. </div>
<div><br>
</div>
<div>According to my understanding ,</div>
<div><br>
</div>
<div>Storing/Posting the secret means we are encrypting the actual information(payload) using the key generated internally by the barbican based on the type mentioned in the secret type.</div>
<div>Geting the secret means we are decryprting the information and geting the actual information.</div>
<div><br>
</div>
<div>Posting the order refers to the generation of the actual keys by the barbican and encyrpting those keys based on the algorithm and the internal key generated by barbican.</div>
<div>This encrypted key is referred through the secret reference and the whole meta data is referred through a order reference.</div>
<div><br>
</div>
<div>Please correct me if I am wrong.</div>
<div>Any help would be highly appreciated.</div>
<div><br>
</div>
<div><br>
</div>
<div>-- <br>
<div class="gmail_signature">
<div><em>Thanks and Regards,</em></div>
<div><em>Asha Seshagiri</em></div>
</div>
</div>
</div>
</div>
</div>
</span>
</body>
</html>