[openstack-dev] [barbican] Adjust weekly meeting time for US DST

2018-10-30 Thread Douglas Mendizabal
Hi openstack-dev@, During the weekly meeting today the topic of moving the weekly meeting forward by an hour to adjust for US Daylight Savings Time ending was brought up. All contributors in attendance unanimously voted for the move. [1] If you would like to participate in the meetings and didn'

Re: [openstack-dev] [barbican][heat] Identifying secrets in Barbican

2018-06-28 Thread Douglas Mendizabal
Replying inline. On Wed, 2018-06-27 at 16:39 -0400, Zane Bitter wrote: > We're looking at using Barbican to implement a feature in Heat[1] > and > ran into some questions about how secrets are identified in the > client. > > With most openstack clients, resources are identified by a UUID. You >

Re: [openstack-dev] [barbican] NEW weekly meeting time

2018-06-14 Thread Douglas Mendizabal
+1 The new time slot would definitely make it much easier for me to attend than the current one. - Douglas Mendizábal On Thu, 2018-06-14 at 16:30 -0400, Ade Lee wrote: > The new time slot has been pretty difficult for folks to attend. > I'd like to propose a new time slot, which will hopefully b

Re: [openstack-dev] [requirements] pycrypto is dead, long live pycryptodome... or cryptography...

2017-03-08 Thread Douglas Mendizabal
One of my goals for Barbican for this cycle is to migrate our code to use pyca/cryptography exclusively. We currently depend on both because at one point we needed things that were not available in early releases of cryptography. - Douglas Mendizábal (redrobot) > On Mar 8, 2017, at 1:11 PM, D

[openstack-dev] OpenStack Speaker Support

2015-07-29 Thread Douglas Mendizabal
Does anyone monitor speakersupp...@openstack.org ? I’ve been waiting for a reply for a few days now. Thanks, - Doug Mendizábal signature.asc Description: Message signed with OpenPGP using GPGMail

Re: [openstack-dev] Barbican : Dependency of pyenv configuration in Barbican.sh script

2015-04-23 Thread Douglas Mendizabal
: application/json” and you should see the correct responses. Thanks, - Douglas Mendizabal [1] https://www.python.org/dev/peps/pep-/ [2] http://git.openstack.org/cgit/openstack/barbican/tree/barbican/api/app.py#n74 [3] http://uwsgi-docs.readthedocs.org/en/latest/ [4] https://code.google.com/p

[openstack-dev] [api] Minor changes to API

2015-04-20 Thread Douglas Mendizabal
**kwargs would start seeing TypeErrors for unexpected arguments. Thanks, Douglas Mendizabal __ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org

Re: [openstack-dev] [all] Liberty Design Summit - Proposed slot allocation

2015-04-14 Thread Douglas Mendizabal
The Barbican will probably only need 2 fishbowls, so we wouldn’t mind donating the third one to OSSG. -Doug Mendizabal On 4/10/15, 4:46 AM, "Clark, Robert Graham" wrote: >On 10/04/2015 10:37, "Thierry Carrez" wrote: > >>Hi PTLs, >> >>Here is the proposed slot allocation for every project team

Re: [openstack-dev] [all] Kilo stable branches for "other" libraries

2015-04-09 Thread Douglas Mendizabal
The Barbican Team also has a plan to release a new version of barbican client for Kilo. The planned version is 3.1.0. [1] and it will include features landed during FFE. Thanks, -Douglas Mendizabal [1] https://launchpad.net/python-barbicanclient/+milestone/3.1.0 <https://launchpad.net/pyt

[openstack-dev] [barbican] PTL Candidacy

2015-04-07 Thread Douglas Mendizabal
. Thanks, -Douglas Mendizabal Douglas Mendizábal IRC: redrobot PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C signature.asc Description: Message signed with OpenPGP using GPGMail __ OpenStack

[openstack-dev] [barbican] python-barbicanclient 3.0.3 released

2015-03-30 Thread Douglas Mendizabal
The Barbican Project Team would like to announce the release of python-barbicanclient 3.0.3. The release is available via PyPI * https://pypi.python.org/pypi/python-barbicanclient For detailed release notes, please visit the milestone page i

Re: [openstack-dev] Barbican : Usage of mode attribute in storing and order the secret

2015-03-30 Thread Douglas Mendizabal
Hi Asha, Barbican Orders of type “key” are intended to generate keys suitable for encryption. The metadata associated with the key order defines the encryption scheme in which the key will be used. In the example you provided, the order is requesting a key that is suitable for use in a block

Re: [openstack-dev] Barbican : Usage of public_key, private_key and private_key_passphrase under RSA type Container

2015-03-16 Thread Douglas Mendizabal
Hello again Asha, Yes, the predefined secret names in an RSA container should match up with secret refs for those actual things. “private_key” should point to the private key of the RSA pair, “public_key” should point to the matching public key. private_key_passphrase is optional, and it is on

Re: [openstack-dev] Barbican : Unable to create the container with the POST request using the CURL command

2015-03-16 Thread Douglas Mendizabal
HI Asha, It looks like your curl command is malformed, which is why you’re getting all the curl errors. You need to quote the entirety of the payload, like so: curl -X POST -H 'content-type:application/json' -H 'X-Project-Id: 12345' -d '{ "name": "container1" ,"type": "rsa","secret_refs": [ {

Re: [openstack-dev] new failures running Barbican functional tests

2015-03-10 Thread Douglas Mendizabal
Thanks for the insight, other Doug. :) It appears that this is in part due to the fact that Tempest has not yet updated to oslo_log and is still using incubator oslo.log. Can someone from the Tempest team chime in on what the status of migrating to oslo_log is? It’s imperative for us to fix o

Re: [openstack-dev] [barbican] python-barbicanclient 3.0.2 released

2015-01-29 Thread Douglas Mendizabal
> On Jan 29, 2015, at 1:19 PM, Doug Hellmann wrote: > > > > On Thu, Jan 29, 2015, at 01:31 PM, Joe Gordon wrote: >> On Thu, Jan 29, 2015 at 9:52 AM, Sean Dague wrote: >> >>> So, honestly, yes. >>> >>> For a library to release safely it must: >>> >>> * have stable-compat jobs running (this

Re: [openstack-dev] [barbican] python-barbicanclient 3.0.2 released

2015-01-27 Thread Douglas Mendizabal
://review.openstack.org/#/c/150645/ Douglas Mendizábal IRC: redrobot PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C > On Jan 27, 2015, at 7:22 PM, Sean Dague wrote: > > On 01/27/2015 05:21 PM, Sean Dague wrote: >> On 01/27/2015 03:55 PM, Douglas M

[openstack-dev] [barbican] python-barbicanclient 3.0.2 released

2015-01-27 Thread Douglas Mendizabal
Hi openstack-dev, The barbican team would like to announce the release of python-barbicanclient 3.0.2. This is a minor release that fixes a bug in the pbr versioning that was preventing the client from working correctly. The release is available on PyPI https://pypi.python.org/pypi/python-bar

[openstack-dev] [api] Optional Properties in an Entity

2015-01-19 Thread Douglas Mendizabal
Hi API WG, I’m curious about something that came up during a bug discussion in one of the Barbican weekly meetings. The question is about optional properties in an entity. e.g. We have a Secret entity that has some properties that are optional, such as the Secret’s name. We were split on wha

[openstack-dev] [barbican] Retiring python-barbicanclient 2.x

2015-01-16 Thread Douglas Mendizabal
Hi openstack-dev@, The barbican team would like to retire the 2.x branch of python-barbicanclient in favor of the 3.x branch: https://review.openstack.org/#/c/146231/ The 3.x branch of python-barbicanclient represents a major improvement of the Barbican client. The main breaking change betwee

[openstack-dev] [barbican] Kilo Mid-Cycle Sprint

2015-01-13 Thread Douglas Mendizabal
Hi openstack-dev! I just wanted to send a reminder that the Barbican mid-cycle Sprint will be taking place on February 16-18 in Austin, TX, which is just five weeks away. There’ll be an overlap of a couple of days with the OSSG Mid-Cycle Sprint, which will hopefully give us a chance to collabo

[openstack-dev] [barbican] Mid-Cycle Sprint

2014-12-15 Thread Douglas Mendizabal
Hi openstack-dev, The Barbican team is planning to have a mid-cycle sprint in Austin, TX on February 16-18, 2015. We’ll be meeting at Capital Factory, a co-working space in downtown Austin. For more details and RSVP, please see: https://wiki.openstack.org/wiki/Sprints/BarbicanKiloSprint Than

Re: [openstack-dev] [Openstack-security] [Barbican][OSSG] Mid Cycle Attendance / Crossover.

2014-11-11 Thread Douglas Mendizabal
I think it would also be interesting to hear for the Keystone folks that are interested in attending OSSG and/or Barbican. A few people have told me they found the Keystone/Barbican overlap for the last mid-cycle to be helpful, so it might be worthwhile doing again. -Doug M.

Re: [openstack-dev] [Barbican] Nominating Juan Antonio Osorio Robles for barbican-core

2014-11-10 Thread Douglas Mendizabal
://eavesdrop.openstack.org/meetings/barbican/2014/barbican.2014-11-10-2 0.00.log.html Douglas Mendizábal IRC: redrobot PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C On 11/7/14, 1:03 PM, "Ade Lee" wrote: >+1 for me. > >On Wed, 2014-11-05 at 15:53 +, Dougl

Re: [openstack-dev] [Barbican] Nominating Steve Heyman for barbican-core

2014-11-10 Thread Douglas Mendizabal
Hi all, As discussed during the Barbican Weekly Meeting today [1], after 5 days of lazy consensus the nomination for Steve Heyman has been approved with six +1 votes, so we would like to welcome Steve to the barbican-core team. Thanks, Doug Mendizábal [1] http://eavesdrop.openstack.org/meetings

[openstack-dev] [Barbican] Nominating Juan Antonio Osorio Robles for barbican-core

2014-11-05 Thread Douglas Mendizabal
Hi All, I would like to nominate Juan Antonio Osorio Robles to the barbican-core team. Juan has been consistently giving us very well thought out and constructive reviews for Barbican, python-barbicanclient and barbican-specs. It’s obvious from his reviews that he cares deeply for the quality of

Re: [openstack-dev] [Barbican] Nominating Steve Heyman for barbican-core

2014-11-05 Thread Douglas Mendizabal
+1 Douglas Mendizábal IRC: redrobot PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C From: Chad Lung Reply-To: "OpenStack Development Mailing List (not for usage questions)" Date: Wednesday, November 5, 2014 at 4:17 PM To: "openstack-dev@lists.openstack.org"

Re: [openstack-dev] [OpenStack] [Barbican] [Cinder] Cinder and Barbican

2014-10-16 Thread Douglas Mendizabal
Hi Giuseppe, Someone from the Cinder team can correct me if I’m wrong, but I don’t think that Cinder has done any integration with Barbican yet. -Douglas Douglas Mendizábal IRC: redrobot PGP Key: 245C 7B6F 70E9 D8F3 F5D5 0CC9 AD14 1F30 2D58 923C From: Giuseppe Galeota Re

[openstack-dev] [barbican] Barbican Juno Release

2014-10-16 Thread Douglas Mendizabal
Hi All, The Barbican team is proud to announce the final release of the Barbican Key Management Service for Juno: https://launchpad.net/barbican/juno/2014.2 This release includes 9 Blueprints and 47 bug fixes. Check the link above for the full details. Many thanks to all the contributors who m

[openstack-dev] [barbican] PTL Candidacy

2014-09-25 Thread Douglas Mendizabal
Hi OpenStack-dev, I would like to put my name in the hat for PTL of the Key Management Service Program, which includes Barbican, python-barbicanclient, Kite, and python-kiteclient. I’ve had the pleasure of being a part of the Barbican team since the very beginning of the project. During the last

[openstack-dev] python-barbicanclient 2.2.1 released

2014-07-15 Thread Douglas Mendizabal
The Barbican development team would like to announce the release of python-barbicanclient version 2.2.1 python-barbicanclient is a client library for the Barbican Key Management Service. It provides a Python API (barbicanclient module) and a command-line tool (barbican). This release can be inst

[openstack-dev] [barbican] Meeting Monday July 14 at 20:00 UTC

2014-07-14 Thread Douglas Mendizabal
Hi Everyone, The Barbican team is hosting our weekly meeting today, Monday June 14, at 20:00 UTC in #openstack-meeting-alt Meeting agenda is available here https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed to add agenda items. You can check this link http://time.is/0800P

[openstack-dev] [barbican] Nominating Nathan Reller for barbican-core

2014-07-10 Thread Douglas Mendizabal
Hi Everyone, I would also like to nominate Nathan Reller for the barbican-core team. Nathan has been involved with the Key Management effort since early 2013. Recently, Nate has been driving the development of a KMIP backend for Barbican, which will enable Barbican to be used with KMIP devices.

[openstack-dev] [barbican] Nominating Ade Lee for barbican-core

2014-07-10 Thread Douglas Mendizabal
Hi Everyone, I would like to nominate Ade Lee for the barbican-core team. Ade has been involved in the development of Barbican since January of this year, and he’s been driving the work to enable DogTag to be used as a back end for Barbican. Ade’s input to the design of barbican has been invalua

[openstack-dev] [barbican] Rebase pending CRs

2014-07-08 Thread Douglas Mendizabal
All, As part of our ongoing mid-cycle meetup, the Barbican team was able to merge the plugin restructuring CR [1]. This is a pretty big change that will likely cause merge conflicts for most pending CRs. So, if you’re waiting on reviews for Barbican change requests, please take some time to reb

[openstack-dev] [barbican] Consumer Registration API

2014-07-02 Thread Douglas Mendizabal
I was looking through some Keystone docs and noticed that for version 3.0 of their API [1] Keystone merged the Service and Admin API into a single core API. I haven’t gone digging through mail archives, but I imagine they had a pretty good reason to do that. Adam, I know you’ve already implemente

Re: [openstack-dev] [barbican] Juno Mid-cycle Meetup

2014-06-24 Thread Douglas Mendizabal
, please be sure to RSVP if you’re planning on coming, so that we can plan accordingly. RSVP [ https://docs.google.com/forms/d/1iao7mEN6HV3CRCRuCPhxOaF4_tJ-Kqq4_Lli1quft58 /viewform?usp=send_form ] Thanks, Doug Mendizábal IRC: redrobot From: Douglas Mendizabal Reply-To: "OpenStack Develo

[openstack-dev] [barbican] Juno Mid-cycle Meetup

2014-06-16 Thread Douglas Mendizabal
Hi Everyone, Just wanted to send a reminder that the Barbican Juno meetup is coming up in a few weeks. We’ll be meeting at the new Geekdom location in San Antonio, TX on July 7-9 (Monday-Wednesday). This meetup will overlap with the Keystone Juno Hackathon being held July 9-11 at the same locat

[openstack-dev] [barbican] Meeting Monday June 16 at 20:00 UTC

2014-06-16 Thread Douglas Mendizabal
Hi Everyone, The Barbican team is hosting our weekly meeting today, Monday June 16nd, at 20:00 UTC in #openstack-meeting-alt Meeting agenda is available here https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed to add agenda items. You can check this link http://time.is/080

Re: [openstack-dev] [Neutron][LBaaS] TLS support RST document on Gerrit

2014-06-11 Thread Douglas Mendizabal
Hi Doug, Barbican does guarantee the integrity and availability of the secret, unless the owner of the secret deletes it from Barbican. We’re not encouraging that you store a shadow-copy of the secret either. This was proposed by the LBaaS team as a possible workaround for your use case. Our re

Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS Integration Ideas

2014-06-10 Thread Douglas Mendizabal
I think that having Barbican decide whether the user is or isn’t allowed to delete a secret that they own based on a reference count that is not directly controlled by them is unacceptable. This is indeed policy enforcement, and we’d rather not go down that path. I’m opposed to the idea of refer

Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS Integration Ideas

2014-06-09 Thread Douglas Mendizabal
I understand how this could be helpful, but I still don’t understand why this is Barbican’s problem to solve. >From Jorge’s original email: >> Using this method requires services, such as LBaaS, to "register" in >>the form of metadata to a barbican container. If our assumptions are that the GUI

Re: [openstack-dev] [Neutron][LBaaS] Barbican Neutron LBaaS Integration Ideas

2014-06-09 Thread Douglas Mendizabal
Hi all, I’m strongly in favor of having immutable TLS-typed containers, and very much opposed to storing every revision of changes done to a container. I think that storing versioned containers would add too much complexity to Barbican, where immutable containers would work well. I’m still not

[openstack-dev] [barbican] Meeting Monday June 2nd at 20:00 UTC

2014-06-02 Thread Douglas Mendizabal
Hi Everyone, The Barbican team is hosting our weekly meeting today, Monday June 2nd, at 20:00 UTC in #openstack-meeting-alt Meeting agenda is available here https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed to add agenda items. You can check this link http://time.is/0800

[openstack-dev] [barbican] Hacking to be enabled in pep8 gate

2014-05-30 Thread Douglas Mendizabal
Hi All, I just wanted to give everyone a quick heads up that we’ve received a lot of contributions in the last couple of days to fix all of the Hacking violations in the Barbican codebase that have been outstanding since before incubation. We’re now ready to include Hacking checks as part of the

Re: [openstack-dev] [barbican] any barbican devs at summit?

2014-05-14 Thread Douglas Mendizabal
Hi Michael, There’s quite a few Barbican devs here at the summit. We’ll be hanging out at the Barbican table in room B204 tomorrow if you want to drop in and chat. You can also ping us on #openstack-barbican on freenode. - Douglas Mendizábal IRC: redrobot From: Michael Dorman Reply-To: "Open

[openstack-dev] [barbican] Meeting Monday April 28th at 20:00 UTC

2014-04-28 Thread Douglas Mendizabal
Hi Everyone, The Barbican team is hosting our weekly meeting today, Monday April 28, at 20:00 UTC in #openstack-meeting-alt Meeting agenda is avaialbe here https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed to add agenda items You can check this link http://time.is/0800P

[openstack-dev] [barbican] Meeting Monday April 21st at 20:00 UTC

2014-04-21 Thread Douglas Mendizabal
Hi Everyone, The Barbican team is hosting our weekly meeting today, Monday April 21, at 20:00 UTC in #openstack-meeting-alt Meeting agenda is avaialbe here https://wiki.openstack.org/wiki/Meetings/Barbican and everyone is welcomed to add agenda items You can check this link http://time.is/0800P

Re: [openstack-dev] [barbican] Barbican 2014.1 ("Icehouse") is released

2014-04-16 Thread Douglas Mendizabal
could you please point to the project docs? Thanks, Eugene. On Thu, Apr 17, 2014 at 1:48 AM, Douglas Mendizabal wrote: > Hi everybody! > > It is my pleasure to announce the final release of Barbican for Icehouse > 2014.1 > > Information on the milestone and its associated ta

[openstack-dev] [barbican] Barbican 2014.1 ("Icehouse") is released

2014-04-16 Thread Douglas Mendizabal
Hi everybody! It is my pleasure to announce the final release of Barbican for Icehouse 2014.1 Information on the milestone and its associated tar ball are available at: https://launchpad.net/barbican/icehouse/icehouse Many thanks to all the contributors who made this first incubated milestone po

[openstack-dev] [barbican] Meeting Monday April 7th at 20:00 UTC

2014-04-07 Thread Douglas Mendizabal
/0800PM_7_Apr_2014_in_UTC/CDT/EDT/PDT?Barbican_Weekly_Meeting if you need to figure out what 20:00 UTC means in your time. -Douglas Mendizabal smime.p7s Description: S/MIME cryptographic signature ___ OpenStack-dev mailing list OpenStack-dev

[openstack-dev] [barbican] Meeting Monday March 31st at 20:00 UTC

2014-03-31 Thread Douglas Mendizabal
/0800PM_31_Mar_2014_in_UTC/CDT/EDT/PDT?Barbican_Weekly_Meeting if you need to figure out what 20:00 UTC means in your time. -Douglas Mendizabal smime.p7s Description: S/MIME cryptographic signature ___ OpenStack-dev mailing list OpenStack-dev

Re: [openstack-dev] [Ironic][Keystone] Move drivers credentials to Keystone

2014-03-25 Thread Douglas Mendizabal
Yes, this is exactly the use case we’re trying to address with Barbican. I think this is something that definitely belongs in Barbican, especially now that we are an incubated project. We’d love to help out with any integration questions you may have. -Doug Mendizabal On 3/25/14, 12:49 PM, "Jay

[openstack-dev] [barbican] Meeting Monday March 24th at 20:00 UTC

2014-03-24 Thread Douglas Mendizabal
/0800PM_24_Mar_2014_in_UTC/CDT/EDT/PDT?Barbican_Weekly_Meeting if you need to figure out what 20:00 UTC means in your time. -Douglas Mendizabal smime.p7s Description: S/MIME cryptographic signature ___ OpenStack-dev mailing list OpenStack-dev

Re: [openstack-dev] Proposal to move from Freenode to OFTC

2014-03-04 Thread Douglas Mendizabal
I agree with Stefano. Migrating the entire community to a new service would be incredibly painful. It seems the pain of moving is not justified if we don’t know for a fact that OFTC would be more resilient to DDoS attacks. -1 to the switch as well. -Doug Mendizabal On 3/4/14, 2:48 PM, "Stefa

Re: [openstack-dev] a "common" client library

2014-01-16 Thread Douglas Mendizabal
+1 to a stand alone library for this. >> 1) We would have to maintain rationale versioning and backwards compatibility of this library. If we start library from scratch we'll have to add/change lots of stuff before we'll reach some stability period. I don’t think this is a hard problem to solve.

Re: [openstack-dev] [openstack-tc] Incubation Request for Barbican

2013-12-05 Thread Douglas Mendizabal
> >I agree that this is concerning. And that what's concerning isn't so >much that the project did something different, but rather that choice >was apparently made because the project thought it was perfectly fine >for them to ignore what other OpenStack projects do and go off and do >its own thin