[openstack-dev] Key Manager blueprint updated

Endre Karlson endre.karlson at gmail.com
Wed Apr 24 20:54:39 UTC 2013


Please do collaborate these efforts. We do not need more projects that goes
in different directions due to people not wanting to collaborate from the
start :). No harm intended fyi!

Endre.


2013/4/24 Pedro Navarro Pérez <pednape at gmail.com>

> As we are working for the Havana release, I'd like to propose as name
> of the project "Llavero" bunch of keys in Spanish.
>
> Regards
>
> On Wed, Apr 24, 2013 at 9:10 PM, Bhandaru, Malini K
> <malini.k.bhandaru at intel.com> wrote:
> > The Intel Key Manager effort (developed on the Openstack mailing list
> with blueprints) and the Rackspace effort announced last week
> > back  are getting to know each other and collaborate. Early stages.
> >
> > CloudKeep is still in the very early stages. Parts of it will be
> re-usable as is, their event logging (demo-ed at the summit) is rich, while
> others such as the use of Falcon may have to be re-visited (separate
> discussion going on the mailing list about pecan/falcon), and API
> functionality still needs to be built in.
> >
> > Also need a close partner for using the keys from the Key Manager, the
> volume encryption folks. Or a simpler first use, saving the Nova public
> certificates that are injected into VMs to support ssh.
> >
> > The only published blueprint is mine, and as good a placeholder for your
> comments/feedback as any other, or this mailing list.
> > A first successful Intel/Rackspace co-operation would be a revised
> blueprint, and sub-blueprints (representing feature coding chunks)
> > and publishing a git repository for code and community contributions.
> >
> > Name, we have had some good suggestions on this list, anything is fine.
> > Barbican, Jangle, Ignite, Clipper ..
> > (CloudKeep == Cloud is common to all our projects, Keystore  == too
> similar to Keystone)
> >
> > Regards
> > Malini
> >
> >
> > -----Original Message-----
> > From: Mac Innes, Kiall [mailto:kiall at hp.com]
> > Sent: Wednesday, April 24, 2013 10:30 AM
> > To: OpenStack Development Mailing List
> > Subject: Re: [openstack-dev] Key Manager blueprint updated
> >
> > What about "CloudKeep"?
> >
> > (Hint: I don't see anything on the wiki page explaining why RackSpace's
> existing implementation can't be used as a starting point!)
> >
> > Kiall Mac Innes
> > HP Cloud Services - DNSaaS
> >
> > Mobile:   +353 86 345 9333
> > Landline: +353 1 524 2177
> > GPG:      E9498407
> >
> > On 24/04/13 18:07, Atwood, Mark wrote:
> >> Clipper?
> >>
> >> Mark Atwood <mark.atwood at hp.com <mailto:mark.atwood at hp.com>> Director
> >> of Open Source Evangelism for HP Cloud Services
> >> +1-206-473-7118
> >>
> >>
> >> On Tue, Apr 23, 2013 at 1:09 AM, Bhandaru, Malini K
> >> <malini.k.bhandaru at intel.com <mailto:malini.k.bhandaru at intel.com>>
> wrote:
> >>
> >>     Hello Everyone!____
> >>
> >>     __ __
> >>
> >>     Thank you to those of you who attended the key manager design summit
> >>     session and provided input.____
> >>
> >>     Missed some of you who have provided feedback on the mailing
> >> list.____
> >>
> >>     __ __
> >>
> >>     I've updated the blueprint based on the discussions.  Do let me know
> >>     if you are in favor of____
> >>
> >>     Limiting access to keys based on original owner
> >>     (user/project/tenant). With this approach, a put/create would need
> >>     an additional____
> >>
> >>     Argument to indicate scope.____
> >>
> >>     __ __
> >>
> >>     I anticipate over this week breaking out the details into
> >>     sub-blueprints for easier parceling into implementation
> >> sub-units.____
> >>
> >>     __ __
> >>
> >>     https://wiki.openstack.org/wiki/KeyManager____
> >>
> >>     __ __
> >>
> >>     Also open to suggestions for a name for the project J____
> >>
> >>     __ __
> >>
> >>     Jangle - the sound a bunch of keys  make?____
> >>
> >>     Key Manager   (no obfuscation !)____
> >>
> >>     (keystore is too similar to keystone ..  -1)____
> >>
> >>     __ __
> >>
> >>     Regards____
> >>
> >>     Malini____
> >>
> >>
> >>     _______________________________________________
> >>     OpenStack-dev mailing list
> >>     OpenStack-dev at lists.openstack.org
> >>     <mailto:OpenStack-dev at lists.openstack.org>
> >>     http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >>
> >>
> >
> > _______________________________________________
> > OpenStack-dev mailing list
> > OpenStack-dev at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> >
> > _______________________________________________
> > OpenStack-dev mailing list
> > OpenStack-dev at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130424/6f7f0f38/attachment.html>


More information about the OpenStack-dev mailing list