Thursday, 2018-11-22

*** mordred has quit IRC00:49
*** annp has quit IRC02:04
*** Luzi has joined #openstack-barbican06:23
*** pcaruana has joined #openstack-barbican07:22
*** jaosorior has joined #openstack-barbican07:41
*** velizarx has joined #openstack-barbican08:10
*** xek has joined #openstack-barbican08:42
*** Emine has joined #openstack-barbican09:41
*** zigo has joined #openstack-barbican10:02
moguimarLuzi: are you around?10:03
moguimardo you have a minute?10:04
moguimaron the oslo.encrypt spec10:04
Luzimoguimar: sure, what's up?10:04
*** mahe has joined #openstack-barbican10:04
moguimarright now castellan supports both barbican and hashicorp vault10:04
*** mahe has left #openstack-barbican10:04
*** mhen has joined #openstack-barbican10:04
moguimaras a generic key manager10:04
moguimarvault is also moving towards encryption as a service capabilities10:05
moguimardo we really need a new library for that?10:05
moguimarwhy not put encryption/decryption as a service also in castellan?10:06
mhenmoguimar, interesting! Does it provide methods to encrypt and decrypt files directly?10:06
Luziwell, we had that kind of discussion at the Summit10:06
moguimarmhen: I can research that10:07
Luzitalking to the Castellan team, it seemed they prefer an extra library for encryption / decryption...10:08
Luziwhich would make sense according to the scope of what Castellan should do and what we want the library to do10:08
moguimarby the way, who is the castellan team? 😅10:09
Luzibasically the Barbican / Security SIG team10:10
moguimarvault only provides data encryption as a service =T10:10
Luzithat's what we have been told at least10:10
mhenmoguimar, the library we are proposing is for file encryption specifically. However, we intend to use a driver-based approach. I could see the encryption-as-a-service interface to be used as a driver backend in the future.10:12
moguimaralso why oslo.encrypt over oslo.crypt?10:12
moguimaras you probably would like to encrypt/decrypt sign/verify10:13
moguimarall those stuff around crypto, not only encryption10:13
mhensignature stuff is usually handled by cursive10:13
Luzithe name came up at the summit and we kept it so that everone we talked to knows, this is the library we talked about10:14
mhenthe library is a requirement for the image encryption we are currently proposing10:14
mhenwe don't plan to replace the current signature mechanism for images10:15
Luziand the name can still be changed, I think - the library doen't exists right now :D10:15
moguimarthen I'll put my sugestion on the spec10:15
moguimarI'm new at openstack10:16
moguimarrecently got oslo core10:16
moguimarbasically tacling oslo.config and now castellan10:16
moguimaron security related stuff10:17
Luziwell it seems that the people we talked to at the summit are all on vacation right now - it's thanksgiving in the US10:18
moguimarwho did you guys talked to?10:19
moguimarcool, he is no my team10:19
moguimarbut I'm based in Europe10:19
Luziand dave-mccowan and gagehugo and ben nemec10:20
Luziwe (mhen and myself) are also from europe10:20
moguimarcool, I met dave as well, and lost the opportunity to meet gage =T10:21
moguimarbeen working with ben, dhellmann and other folks in the oslo.config drivers10:22
moguimarso you're both from SecuStack?10:24
Luziyes :)10:24
Luziwhere are you located in Europe?10:25
Luziah not so far away10:25
moguimarthat 9am was tough to attend10:25
moguimarare you guys in Germany?10:26
moguimarI saw the GmbH in the website, but failed to find location10:27
moguimarI'm originally from Brazil10:27
jaosoriormoguimar: arrived to this late. But yeah, the castellan team is basically Ade, dave mccowan and me (although I barely do stuff there anymore)10:34
jaosoriorof the people left there. Every once in a while some other folks chime in10:34
jaosorioranyway, would be better to wait for next week to get the input of the folks that are on vacations right now10:36
jaosoriorLuzi: got you a spec put up already?10:37
jaosoriorI have some time to review it right now10:37
Luzithere you go10:38
jaosoriorthanks, and sorry for the delay10:38
* jaosorior brews some coffee10:38
Luzitake some time for your coffee, mhen is still answering some questions doug had on this spec10:39
*** salmankhan has joined #openstack-barbican10:49
*** salmankhan1 has joined #openstack-barbican10:52
*** salmankhan has quit IRC10:54
*** salmankhan1 is now known as salmankhan10:54
*** toabctl has joined #openstack-barbican10:54
*** dims has quit IRC11:45
*** raildo has joined #openstack-barbican11:50
*** velizarx has quit IRC12:26
*** moguimar has quit IRC12:42
*** moguimar has joined #openstack-barbican12:54
*** velizarx has joined #openstack-barbican13:06
*** moguimar has quit IRC13:17
*** pcaruana has quit IRC13:50
*** pbourke has quit IRC14:09
*** pbourke has joined #openstack-barbican14:11
*** dims has joined #openstack-barbican14:14
*** Luzi has quit IRC14:22
*** pcaruana has joined #openstack-barbican14:25
*** abishop has quit IRC14:28
*** emine__ has joined #openstack-barbican14:30
*** Emine has quit IRC14:30
*** emine__ has quit IRC15:02
*** velizarx has quit IRC15:08
*** moguimar has joined #openstack-barbican16:23
*** Emine has joined #openstack-barbican16:35
*** moguimar has quit IRC16:46
*** Emine has quit IRC17:34
*** salmankhan has quit IRC18:32
*** Emine has joined #openstack-barbican19:08
*** Emine has quit IRC19:48
*** raildo has quit IRC20:38
*** dave-mccowan has joined #openstack-barbican21:24
*** dave-mccowan has quit IRC21:28
*** xek_ has joined #openstack-barbican22:06
*** xek has quit IRC22:09
*** xek__ has joined #openstack-barbican22:25
*** xek_ has quit IRC22:27

Generated by 2.15.3 by Marius Gedminas - find it at!