On Wed, 2013-08-14 at 12:41 -0300, Thierry Carrez wrote: > Dolph Mathews wrote: > > With regard > > to: https://blueprints.launchpad.net/keystone/+spec/key-distribution-server > > [...] > > Dolph: you don't mention Barbican at all, does that mean that the issue > is settled and the KDS should live in keystone ? > > A side-benefit of landing early in Icehouse rather than late in Havana, > IMHO, was that we could put everyone in the same room (and around the > same beers) and get a single path forward. > > I'm a bit worried (that's with my release management hat on) that if > everyone discovers that Barbican is the way to go for key distribution > at the Hong-Kong summit, we would now have to deprecate the in-Keystone > KDS over several releases just because it landed a few weeks too early. > > That said I haven't followed closely the latest discussions on this, so > maybe this is not as much duplication of effort as I think ?
For the Nth time KDS and Barbican do not do the same job, no more than Keystone auth paths and barbican do the same job. All three use crypto and 'keys' ... in completely different ways. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
