Open Stack

Fully agreed. Academic and Research sites have extensive X.509
infrastructure that we would not wish to duplicate.

 

Are you only looking at user certificates or are host certificates in the
scope too ?

 

Tim

 

From: openstack-bounces+tim.bell=cern.ch at lists.launchpad.net
[mailto:openstack-bounces+tim.bell=cern.ch at lists.launchpad.net] On Behalf Of
Adam Young
Sent: 16 May 2012 03:10
To: openstack at lists.launchpad.net
Subject: Re: [Openstack] [Keystone] PKI

 

Well, the PKI pieces are the same regardless of the CA and certificate
issuing pieces.  All we will need to do is to use a signing key to sign a
document.  So EJBCA or Dogtag will work equally as well.  If people already
have a CA infrastructure, they should be able to leverage that, too.


On 05/15/2012 04:47 PM, Thor Wolpert wrote: 

If you're open to levarging other OSS projects,
http://www.ejbca.org/architecture.html us a great one to look at, assuming
you need a PKI implementation available. 

 

I believe it is at least worth a look.

On Tue, May 15, 2012 at 1:30 PM, Razique Mahroua <razique.mahroua at gmail.com>
wrote:

great topic :)





 <mailto:heckj at mac.com> Joseph Heck

15 mai 2012 21:06

Coming out of the Keystone meeting from today
(http://eavesdrop.openstack.org/meetings/openstack-meeting/2012/openstack-me
eting.2012-05-15-18.02.html), I thought it worth mentioning that adam young
has been doing some tremendous lifting in terms of looking at adding in PKI
support to Keystone. The writeup and details are on the OpenStack wiki at
http://wiki.openstack.org/PKI

I rather suspect there's a lot of interest in this topic, so I wanted to
make sure the broader community knew about the effort, what we were
thinking, and were we are. 

If you're interested in discussing, the keystone meeting is on Tuesday
mornings at 18:00 UTC

-joe

_______________________________________________
Mailing list: https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack> 
Post to : openstack at lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack> 
More help : https://help.launchpad.net/ListHelp

 

-- 
Nuage & Co - Razique Mahroua 
razique.mahroua at gmail.com

  


_______________________________________________
Mailing list: https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack> 
Post to     : openstack at lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack> 
More help   : https://help.launchpad.net/ListHelp

 






_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack at lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120516/4bffaacf/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5201 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120516/4bffaacf/attachment.bin>