On Mon, Jan 20, 2020 at 10:00, Balázs Gibizer <balazs.gibizer at est.tech> wrote: > Hi, > > Looking at the Barbican documentation I see that the secrets can be > stored on disk (SimpleCrypto backend) or in a HW vendor specific HSM > module. Is there a way to use a TPM 2.0 device as the backend of > Barbican via something like [1]? On the today's barbican IRC meeting I got my question answered. In short it is feasible but at the moment no barbican in-tree implementation exists. Also barbican would accept such contribution. Cheers, gibi [2] http://eavesdrop.openstack.org/meetings/barbican/2020/barbican.2020-01-28-13.05.log.html#l-47 > > Cheers, > gibi > > [1] https://github.com/tpm2-software/tpm2-pkcs11 > > >