| *** jmlowe has joined #openstack-barbican | 00:13 | |
| *** ducnv has quit IRC | 00:25 | |
| *** DongHM has joined #openstack-barbican | 01:30 | |
| *** mhen has quit IRC | 01:55 | |
| *** mhen has joined #openstack-barbican | 01:57 | |
| *** jmlowe_ has joined #openstack-barbican | 02:13 | |
| *** spotz_ has joined #openstack-barbican | 02:14 | |
| *** mhen has quit IRC | 02:19 | |
| *** spotz has quit IRC | 02:19 | |
| *** jmlowe has quit IRC | 02:19 | |
| *** mhen has joined #openstack-barbican | 02:19 | |
| *** Luzi has joined #openstack-barbican | 05:47 | |
| *** alee has quit IRC | 06:03 | |
| *** ducnv has joined #openstack-barbican | 06:11 | |
| *** velizarx has joined #openstack-barbican | 06:52 | |
| *** alee has joined #openstack-barbican | 06:58 | |
| *** velizarx has quit IRC | 07:08 | |
| openstackgerrit | Vu Cong Tuan proposed openstack/python-barbicanclient master: Switch to stestr https://review.openstack.org/581226 | 07:09 |
|---|---|---|
| *** peereb has joined #openstack-barbican | 07:19 | |
| *** velizarx has joined #openstack-barbican | 07:29 | |
| *** serlex has joined #openstack-barbican | 07:43 | |
| *** DongHM has quit IRC | 08:47 | |
| *** toabctl has quit IRC | 08:48 | |
| *** toabctl has joined #openstack-barbican | 08:54 | |
| *** pbourke has quit IRC | 09:21 | |
| *** pbourke has joined #openstack-barbican | 09:23 | |
| *** alee has quit IRC | 10:12 | |
| *** livelace has joined #openstack-barbican | 10:49 | |
| *** alee has joined #openstack-barbican | 11:03 | |
| *** livelace has quit IRC | 11:13 | |
| *** abishop has joined #openstack-barbican | 11:49 | |
| alee | #startmeeting barbican | 12:02 |
| openstack | Meeting started Tue Jul 10 12:02:04 2018 UTC and is due to finish in 60 minutes. The chair is alee. Information about MeetBot at http://wiki.debian.org/MeetBot. | 12:02 |
| openstack | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 12:02 |
| *** openstack changes topic to " (Meeting topic: barbican)" | 12:02 | |
| openstack | The meeting name has been set to 'barbican' | 12:02 |
| alee | #topic roll call | 12:02 |
| *** openstack changes topic to "roll call (Meeting topic: barbican)" | 12:02 | |
| Luzi | o/ | 12:02 |
| mhen | o/ | 12:02 |
| alee | Luzi, mhen hi | 12:02 |
| Luzi | hi alee | 12:03 |
| alee | anyone else here today? | 12:03 |
| alee | there are a lot of folks that have been on holiday last week and this week | 12:04 |
| alee | so not much has changed in the last week | 12:04 |
| alee | I expect things will pick up more with reviews etc. this week. | 12:04 |
| alee | given that - I don't really have much of an agenda today other than to remind folks about the submission requuest deadline for the summit for talks | 12:05 |
| alee | Luzi, mhen -- anything you guys want to bring up? | 12:06 |
| Luzi | ah i just wanted to ask, if there was any discussion concerning the allowed bit lengths? | 12:07 |
| alee | yeah - everyone has been on holiday -- so alas no | 12:08 |
| Luzi | okay | 12:08 |
| alee | folks are coming back this week so I think we'll have discussion later this week | 12:08 |
| alee | Luzi, either way - we'll definitely get a fix in in Rocky | 12:09 |
| Luzi | alee, i just wanted to know, if i missed something :) | 12:09 |
| Luzi | we have another question: should there be a validation of user provided secrets and their meta-data? | 12:10 |
| alee | what kind of validation? | 12:10 |
| Luzi | 2 possibilities: | 12:10 |
| Luzi | 1. a validation of the combination of meta-data | 12:11 |
| Luzi | for example: aes - private key | 12:11 |
| Luzi | that is not a valid combination of meta-data | 12:12 |
| Luzi | 2. a check of secrets against their meta-data (maybe through validator plugins?) | 12:12 |
| alee | if I recall correctly, there is some validation that is in place | 12:13 |
| alee | but its rather rudimentary | 12:13 |
| Luzi | can you point it out for us? | 12:14 |
| alee | Luzi, yup -- let me check -- | 12:14 |
| alee | Luzi, what I recall though is there is not a lot there -- certainly its an area that could be improved | 12:15 |
| Luzi | besides this: it is a question, if in general barbican should do things like that or not. | 12:16 |
| alee | Luzi, so looking through the code, it looks like that type of validation is not there | 12:18 |
| alee | I'm not opposed to adding the validation - and having some kind of validation plugin for folks to add their own is an interesting idea | 12:19 |
| alee | we just have not have had a request for that yet. | 12:19 |
| alee | often there is validation that takes place in the backend plugins | 12:19 |
| *** velizarx has quit IRC | 12:20 | |
| Luzi | well that's a word :) we can investigate this a little more ... | 12:20 |
| alee | for instance some hsms/ kmip devices will fail to archive something if the metadata is bad | 12:20 |
| alee | but it would be nice to do some basic validations in barbican before it gets to that point | 12:21 |
| alee | we do validate that the fields are correct, but not perhaps the content | 12:21 |
| *** raildo has joined #openstack-barbican | 12:21 | |
| alee | Luzi, if you guys would like to add some validation code, it will certainly be welcome | 12:21 |
| alee | raildo, hiu | 12:22 |
| raildo | alee, o/ | 12:22 |
| Luzi | alee, we had thought about a user wanting to upload and use a private key, but accidently providing the public key. so in that case the meta-data and the seret would differ and could not be used for encryption anymore | 12:22 |
| alee | Luzi, seems like a reasonable use case | 12:22 |
| Luzi | alee, that's a word :) | 12:23 |
| alee | Luzi, need to look - I thought there was some validation for some of that | 12:23 |
| alee | I 'll poke around for a bit | 12:24 |
| alee | Luzi, iirc -- the code is in common/validators.py | 12:25 |
| Luzi | alee, i take a look into this | 12:26 |
| alee | Luzi, you can see what validators are in there -- that would be the place to expand on them | 12:26 |
| alee | anything else? | 12:26 |
| alee | Luzi, all good? | 12:27 |
| Luzi | that was everything from my side | 12:27 |
| alee | cool thanks all for attending. hopefully more will happen this week as folks come back | 12:28 |
| alee | #endmeeting | 12:28 |
| *** openstack changes topic to "Discussion about development of OpenStack Barbican and its client libraries. - Logs: http://eavesdrop.openstack.org/irclogs/%23openstack-barbican/" | 12:28 | |
| openstack | Meeting ended Tue Jul 10 12:28:27 2018 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 12:28 |
| openstack | Minutes: http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-07-10-12.02.html | 12:28 |
| openstack | Minutes (text): http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-07-10-12.02.txt | 12:28 |
| openstack | Log: http://eavesdrop.openstack.org/meetings/barbican/2018/barbican.2018-07-10-12.02.log.html | 12:28 |
| *** velizarx has joined #openstack-barbican | 12:32 | |
| *** Luzi has quit IRC | 13:45 | |
| *** antosh has joined #openstack-barbican | 14:23 | |
| *** tidwellr has joined #openstack-barbican | 14:28 | |
| *** velizarx has quit IRC | 14:30 | |
| *** spotz_ is now known as spotz | 14:31 | |
| *** FrankZhang has joined #openstack-barbican | 14:33 | |
| *** EmilienM is now known as EvilienM | 14:42 | |
| *** peereb has quit IRC | 14:45 | |
| *** tidwellr has quit IRC | 15:31 | |
| *** tidwellr has joined #openstack-barbican | 15:33 | |
| *** jmlowe_ has quit IRC | 15:50 | |
| *** antosh has quit IRC | 15:58 | |
| *** alee has quit IRC | 15:58 | |
| *** antosh has joined #openstack-barbican | 16:01 | |
| *** FrankZhang_ has joined #openstack-barbican | 16:06 | |
| *** jmlowe has joined #openstack-barbican | 16:08 | |
| *** jmlowe has quit IRC | 16:09 | |
| *** FrankZhang has quit IRC | 16:10 | |
| *** FrankZhang_ has quit IRC | 16:18 | |
| *** FrankZhang has joined #openstack-barbican | 16:19 | |
| *** antosh has quit IRC | 16:29 | |
| *** antosh has joined #openstack-barbican | 16:32 | |
| *** jmlowe has joined #openstack-barbican | 17:09 | |
| *** FrankZhang has quit IRC | 17:27 | |
| *** livelace has joined #openstack-barbican | 17:32 | |
| *** antosh has quit IRC | 18:08 | |
| *** antosh has joined #openstack-barbican | 18:09 | |
| *** rmascena has joined #openstack-barbican | 18:46 | |
| *** raildo has quit IRC | 18:49 | |
| *** rmascena is now known as raildo | 18:49 | |
| *** livelace has quit IRC | 19:07 | |
| *** jmlowe has quit IRC | 19:27 | |
| *** serlex has quit IRC | 19:27 | |
| *** jmlowe has joined #openstack-barbican | 19:51 | |
| *** serlex has joined #openstack-barbican | 20:00 | |
| *** FrankZhang has joined #openstack-barbican | 20:35 | |
| *** alee has joined #openstack-barbican | 20:39 | |
| *** raildo has quit IRC | 20:43 | |
| *** serlex has quit IRC | 20:49 | |
| *** noslzzp has joined #openstack-barbican | 20:49 | |
| *** tidwellr has quit IRC | 20:52 | |
| *** noslzzp has quit IRC | 20:56 | |
| *** noslzzp has joined #openstack-barbican | 21:05 | |
| *** jmlowe has quit IRC | 21:10 | |
| *** antosh has quit IRC | 21:20 | |
| *** abishop has quit IRC | 21:21 | |
| *** jmlowe has joined #openstack-barbican | 21:36 | |
| *** antosh has joined #openstack-barbican | 21:43 | |
| openstackgerrit | Doug Hellmann proposed openstack/castellan master: import zuul job settings from project-config https://review.openstack.org/581490 | 22:00 |
| openstackgerrit | Doug Hellmann proposed openstack/castellan master: import zuul job settings from project-config https://review.openstack.org/581490 | 22:14 |
| *** antosh has quit IRC | 23:28 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!