[openstack-dev] [FFE] [nova] Barbican key manager wrapper
Coffman, Joel M.
Joel.Coffman at jhuapl.edu
Fri Sep 5 16:18:30 UTC 2014
-----Original Message-----
From: Sean Dague [mailto:sean at dague.net]
Sent: Friday, September 05, 2014 8:50 AM
To: openstack-dev at lists.openstack.org
Subject: Re: [openstack-dev] [FFE] [nova] Barbican key manager wrapper
On 09/05/2014 08:11 AM, Sean Dague wrote:
> On 09/05/2014 07:51 AM, Daniel P. Berrange wrote:
>> On Thu, Sep 04, 2014 at 05:19:45PM +0000, Coffman, Joel M. wrote:
>>> We request a feature freeze exception be granted to merge this code [3], which is really a shim between the existing key manager interface in Nova and python-barbicanclient, into Nova [4]. The acceptance of this feature will improve the security of cloud users and operators who use the Cinder volume encryption feature [1], which is currently limited to a single, static encryption key for volumes. Cinder has already merged a similar feature [5] following the review of several patch revisions; not accepting the feature in Nova creates a disparity with Cinder in regards to the management of encryption keys.
[snip]
There is a real issue in the current patch which I -1ed on Wed around the way requirements are pulled in.
If you are in FFE there really is an expectation that patches are respun quickly on feedback. So if this isn't addressed shortly, I'm removing my sponsorship here.
That feedback has been addressed - sorry for the delay.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140905/8d55b20d/attachment.html>
More information about the OpenStack-dev
mailing list