.
-Original Message-
From: Carlos Garza [mailto:carlos.ga...@rackspace.com]
Sent: Saturday, April 19, 2014 2:47 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario
question
On Apr 18, 2014, at 10:21 AM
en Balukoff [mailto:sbaluk...@bluebox.net<http://bluebox.net>]
Sent: Friday, April 18, 2014 9:07 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario
question
Hi y'all!
Carlos: When I say 'client cer
ff [mailto:sbaluk...@bluebox.net]
> *Sent:* Friday, April 18, 2014 9:07 PM
>
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* Re: [openstack-dev] [Neutron][LBaaS] SSL re-encryption
> scenario question
>
>
>
> Hi y'all!
>
>
>
>
Excerpts from Eichberger, German's message of 2014-04-21 11:51:05 -0700:
> Hi,
>
> Despite there are some good use cases for the re-encryption I think it’s out
> of scope for a Load Balancer. We can defer that functionality to the VPN – as
> long as we have a mechanism to insert a LoadBalancer a
, 2014 9:07 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario
question
Hi y'all!
Carlos: When I say 'client cert' I'm talking about the certificate / key
combination the load balan
On 04/18/2014 11:21 AM, Stephen Balukoff wrote:
Howdy, folks!
Could someone explain to me the SSL usage scenario where it makes
sense to re-encrypt traffic traffic destined for members of a back-end
pool? SSL termination on the load balancer makes sense to me, but I'm
having trouble understa
– but the network between the
load balancer and the nodes is not completely private and the sensitive
information needs to be again transmitted encrypted. This is admittedly an edge
case but we had to implement a similar scheme for HP Cloud’s swift storage.
German
From: Stephen Balukoff
[mailto:
gt;> The use case is that the Load Balancer needs to look at the HTTP requests
>> be it to add an X-Forward field or change the timeout – but the network
>> between the load balancer and the nodes is not completely private and the
>> sensitive information needs to be again transmitted e
transmitted encrypted. This is admittedly an edge
case but we had to implement a similar scheme for HP Cloud’s swift storage.
German
From: Stephen Balukoff
[mailto:sbaluk...@bluebox.net<mailto:sbaluk...@bluebox.net>]
Sent: Friday, April 18, 2014 8:22 AM
To: OpenStack Development Mailing Li
swift storage.
German
From: Stephen Balukoff
[mailto:sbaluk...@bluebox.net<mailto:sbaluk...@bluebox.net>]
Sent: Friday, April 18, 2014 8:22 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario question
Ho
On Apr 18, 2014, at 10:21 AM, Stephen Balukoff wrote:
> Howdy, folks!
>
> Could someone explain to me the SSL usage scenario where it makes sense to
> re-encrypt traffic traffic destined for members of a back-end pool? SSL
> termination on the load balancer makes sense to me, but I'm having
Rocky
-Original Message-
From: Jorge Miramontes [mailto:jorge.miramon...@rackspace.com]
Sent: Friday, April 18, 2014 2:13 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario
question
+1 for German&
+1 for German's use cases. We need SSL re-encryption for decisions the
load balancer needs to make at the l7 layer as well. Thanks Clint, for
your thorough explanation from a security standpoint.
Cheers,
--Jorge
On 4/18/14 1:38 PM, "Clint Byrum" wrote:
>Excerpts from Stephen Balukoff's messa
Excerpts from Stephen Balukoff's message of 2014-04-18 10:36:11 -0700:
> Dang. I was hoping this wasn't the case. (I personally think it's a
> little silly not to trust your service provider to secure a network when
> they have root access to all the machines powering your cloud... but I
> digres
Stephen Balukoff
[mailto:sbaluk...@bluebox.net<mailto:sbaluk...@bluebox.net>]
Sent: Friday, April 18, 2014 8:22 AM
To: OpenStack Development Mailing List (not for usage questions)
Subject: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario question
Howdy, folks!
Could someone explain to me
age.
>
>
>
> German
>
>
>
> *From:* Stephen Balukoff [mailto:sbaluk...@bluebox.net]
> *Sent:* Friday, April 18, 2014 8:22 AM
>
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario
&
] [Neutron][LBaaS] SSL re-encryption scenario question
Howdy, folks!
Could someone explain to me the SSL usage scenario where it makes sense to
re-encrypt traffic traffic destined for members of a back-end pool? SSL
termination on the load balancer makes sense to me, but I'm having tr
ack-dev@lists.openstack.org>>
Subject: [openstack-dev] [Neutron][LBaaS] SSL re-encryption scenario question
Howdy, folks!
Could someone explain to me the SSL usage scenario where it makes sense to
re-encrypt traffic traffic destined for members of a back-end pool? SSL
termination on the load
Howdy, folks!
Could someone explain to me the SSL usage scenario where it makes sense to
re-encrypt traffic traffic destined for members of a back-end pool? SSL
termination on the load balancer makes sense to me, but I'm having trouble
understanding why one would be concerned about then re-encryp
19 matches
Mail list logo