Tuesday, 2018-07-10

*** jmlowe has joined #openstack-barbican00:13
*** ducnv has quit IRC00:25
*** DongHM has joined #openstack-barbican01:30
*** mhen has quit IRC01:55
*** mhen has joined #openstack-barbican01:57
*** jmlowe_ has joined #openstack-barbican02:13
*** spotz_ has joined #openstack-barbican02:14
*** mhen has quit IRC02:19
*** spotz has quit IRC02:19
*** jmlowe has quit IRC02:19
*** mhen has joined #openstack-barbican02:19
*** Luzi has joined #openstack-barbican05:47
*** alee has quit IRC06:03
*** ducnv has joined #openstack-barbican06:11
*** velizarx has joined #openstack-barbican06:52
*** alee has joined #openstack-barbican06:58
*** velizarx has quit IRC07:08
openstackgerritVu Cong Tuan proposed openstack/python-barbicanclient master: Switch to stestr  https://review.openstack.org/58122607:09
*** peereb has joined #openstack-barbican07:19
*** velizarx has joined #openstack-barbican07:29
*** serlex has joined #openstack-barbican07:43
*** DongHM has quit IRC08:47
*** toabctl has quit IRC08:48
*** toabctl has joined #openstack-barbican08:54
*** pbourke has quit IRC09:21
*** pbourke has joined #openstack-barbican09:23
*** alee has quit IRC10:12
*** livelace has joined #openstack-barbican10:49
*** alee has joined #openstack-barbican11:03
*** livelace has quit IRC11:13
*** abishop has joined #openstack-barbican11:49
alee#startmeeting barbican12:02
openstackMeeting started Tue Jul 10 12:02:04 2018 UTC and is due to finish in 60 minutes.  The chair is alee. Information about MeetBot at http://wiki.debian.org/MeetBot.12:02
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.12:02
*** openstack changes topic to " (Meeting topic: barbican)"12:02
openstackThe meeting name has been set to 'barbican'12:02
alee#topic roll call12:02
*** openstack changes topic to "roll call (Meeting topic: barbican)"12:02
aleeLuzi, mhen hi12:02
Luzihi alee12:03
aleeanyone else here today?12:03
aleethere are a lot of folks that have been on holiday last week and this week12:04
aleeso not much has changed in the last week12:04
aleeI expect things will pick up more with reviews etc. this week.12:04
aleegiven that - I don't really have much of an agenda today other than to remind folks about the submission requuest deadline for the summit for talks12:05
aleeLuzi, mhen  -- anything you guys want to bring up?12:06
Luziah i just wanted to ask, if there was any discussion concerning the allowed bit lengths?12:07
aleeyeah - everyone has been on holiday -- so alas no12:08
aleefolks are coming back this week so I think we'll have discussion later this week12:08
aleeLuzi, either way - we'll definitely get a fix in in Rocky12:09
Luzialee, i just wanted to know, if i missed something :)12:09
Luziwe have another question: should there be a validation of user provided secrets and their meta-data?12:10
aleewhat kind of validation?12:10
Luzi2 possibilities:12:10
Luzi1. a validation of the combination of meta-data12:11
Luzifor example: aes - private key12:11
Luzithat is not a valid combination of meta-data12:12
Luzi2. a check of secrets against their meta-data (maybe through validator plugins?)12:12
aleeif I recall correctly, there is some validation that is in place12:13
aleebut its rather rudimentary12:13
Luzican you point it out for us?12:14
aleeLuzi, yup -- let me check --12:14
aleeLuzi, what I recall though is there is not a lot there -- certainly its an area that could be improved12:15
Luzibesides this: it is a question, if in general barbican should do things like that or not.12:16
aleeLuzi, so looking through the code, it looks like that type of validation is not there12:18
aleeI'm not opposed to adding the validation - and having some kind of validation plugin for folks to add their own is an interesting idea12:19
aleewe just have not have had a request for that yet.12:19
aleeoften there is validation that takes place in the backend plugins12:19
*** velizarx has quit IRC12:20
Luziwell that's a word :) we can investigate this a little more ...12:20
aleefor instance some hsms/ kmip devices will fail to archive something if the metadata is bad12:20
aleebut it would be nice to do some basic validations in barbican before it gets to that point12:21
aleewe do validate that the fields are correct, but not perhaps the content12:21
*** raildo has joined #openstack-barbican12:21
aleeLuzi, if you guys would like to add some validation code, it will certainly be welcome12:21
aleeraildo, hiu12:22
raildoalee, o/12:22
Luzialee, we had thought about a user wanting to upload and use a private key, but accidently providing the public key. so in that case the meta-data and the seret would differ and could not be used for encryption anymore12:22
aleeLuzi, seems like a reasonable use case12:22
Luzialee, that's a word :)12:23
aleeLuzi, need to look - I thought there was some validation for some of that12:23
aleeI 'll poke around for a bit12:24
aleeLuzi, iirc -- the code is in common/validators.py12:25
Luzialee, i take a look into this12:26
aleeLuzi, you can see what validators are in there -- that would be the place to expand on them12:26
aleeanything else?12:26
aleeLuzi, all good?12:27
Luzithat was everything from my side12:27
aleecool thanks all for attending.  hopefully more will happen this week as folks come back12:28
*** openstack changes topic to "Discussion about development of OpenStack Barbican and its client libraries. - Logs: http://eavesdrop.openstack.org/irclogs/%23openstack-barbican/"12:28
openstackMeeting ended Tue Jul 10 12:28:27 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)12:28
openstackMinutes:        http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-07-10-12.02.html12:28
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-07-10-12.02.txt12:28
openstackLog:            http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-07-10-12.02.log.html12:28
*** velizarx has joined #openstack-barbican12:32
*** Luzi has quit IRC13:45
*** antosh has joined #openstack-barbican14:23
*** tidwellr has joined #openstack-barbican14:28
*** velizarx has quit IRC14:30
*** spotz_ is now known as spotz14:31
*** FrankZhang has joined #openstack-barbican14:33
*** EmilienM is now known as EvilienM14:42
*** peereb has quit IRC14:45
*** tidwellr has quit IRC15:31
*** tidwellr has joined #openstack-barbican15:33
*** jmlowe_ has quit IRC15:50
*** antosh has quit IRC15:58
*** alee has quit IRC15:58
*** antosh has joined #openstack-barbican16:01
*** FrankZhang_ has joined #openstack-barbican16:06
*** jmlowe has joined #openstack-barbican16:08
*** jmlowe has quit IRC16:09
*** FrankZhang has quit IRC16:10
*** FrankZhang_ has quit IRC16:18
*** FrankZhang has joined #openstack-barbican16:19
*** antosh has quit IRC16:29
*** antosh has joined #openstack-barbican16:32
*** jmlowe has joined #openstack-barbican17:09
*** FrankZhang has quit IRC17:27
*** livelace has joined #openstack-barbican17:32
*** antosh has quit IRC18:08
*** antosh has joined #openstack-barbican18:09
*** rmascena has joined #openstack-barbican18:46
*** raildo has quit IRC18:49
*** rmascena is now known as raildo18:49
*** livelace has quit IRC19:07
*** jmlowe has quit IRC19:27
*** serlex has quit IRC19:27
*** jmlowe has joined #openstack-barbican19:51
*** serlex has joined #openstack-barbican20:00
*** FrankZhang has joined #openstack-barbican20:35
*** alee has joined #openstack-barbican20:39
*** raildo has quit IRC20:43
*** serlex has quit IRC20:49
*** noslzzp has joined #openstack-barbican20:49
*** tidwellr has quit IRC20:52
*** noslzzp has quit IRC20:56
*** noslzzp has joined #openstack-barbican21:05
*** jmlowe has quit IRC21:10
*** antosh has quit IRC21:20
*** abishop has quit IRC21:21
*** jmlowe has joined #openstack-barbican21:36
*** antosh has joined #openstack-barbican21:43
openstackgerritDoug Hellmann proposed openstack/castellan master: import zuul job settings from project-config  https://review.openstack.org/58149022:00
openstackgerritDoug Hellmann proposed openstack/castellan master: import zuul job settings from project-config  https://review.openstack.org/58149022:14
*** antosh has quit IRC23:28

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!