[openstack-dev] [barbican] Cryptography audit by OSSG

Bryan D. Payne bdpayne at acm.org
Fri Apr 18 16:27:04 UTC 2014


>
>    Is anyone following the openstack-security list and/or part of the
> OpenStack Security Group (OSSG)?  This sounds like another group and list
> we should keep our eyes on.
>

I'm one of the OSSG leads.  We'd certainly welcome your involvement in
OSSG.  In fact, there has been much interest in OSSG about the Barbican
project.  And I believe that many people from the group are contributing to
Barbican.


>    In the below thread on the security list, Nathan Kinder is conducting a
> security audit of the various integrated OpenStack projects.  He's
> answering questions such as what crypto libraries are being used in the
> projects, algorithms used, sensitive data, and potential improvements that
> can be made.  Check the links out in the below thread.
>
>    Though we're not yet integrated, it might be beneficial to put together
> our security audit page under Security/Icehouse/Barbican.
>

This would be very helpful.  If there's anything I can do to help
facilitate this, just let me know.

Cheers,
-bryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140418/54560d2f/attachment.html>


More information about the OpenStack-dev mailing list