#openstack-barbican log

15:08:28 <xek> #startmeeting barbican
15:08:28 <opendevmeet> Meeting started Mon Jan 27 15:08:28 2025 UTC and is due to finish in 60 minutes.  The chair is xek. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:08:28 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:08:28 <opendevmeet> The meeting name has been set to 'barbican'
15:08:51 <xek> #topic Roll Call
15:08:57 <xek> Courtesy ping for dmendiza[m] ade_lee d34dh0r53 Luzi tosky tobias-urdin jjung mharley lpiwowar
15:09:03 <xek> As usual our agenda can be found here:
15:09:07 <xek> #link https://etherpad.openstack.org/p/barbican-weekly-meeting
15:09:20 <xek> #topic Review Past Meeting Action Items
15:09:51 <xek> #link https://meetings.opendev.org/meetings/barbican/2025/barbican.2025-01-20-15.01.html
15:10:19 <xek> There were no action items
15:13:24 <xek> #topic Open Discussion
15:13:34 <xek> rajivare you still here?
15:14:05 <rajiv> After continuous follows-up Thales confirmed and validated the support of their HSM on FIPS mode on 7.7.1 firmware version but their barbican.conf file is incorrect ? https://www.thalesdocs.com/gphsm/integrations/guides/openstack_barbican/index.html#configure-openstack-barbican-with-thales-luna-hsm-or-luna-cloud-hsm
15:14:30 <xek> dmendiza^
15:17:06 <rajiv> i think https://docs.openstack.org/barbican/latest/configuration/plugin_backends.html should also be updated ?
15:17:47 <xek> What do you mean by incorrect?
15:17:54 <xek> Did you get an error
15:19:30 <rajiv> no, the Thales documentation mentions about openstack zed release and changes to barbican.conf
15:19:55 <rajiv> but wondering which options under [p11_crypto_plugin] are mandatory ?
15:20:54 <rajiv> also encryption_mechanism = CKM_AES_CBC_GCM in openstack docu but in Thales its encryption_mechanism = CKM_AES_GCM
15:25:06 <xek> looks like doc/source/install/barbican-backend.rst mentions CKM_AES_CBC_GCM
15:25:34 <rajiv> yes
15:25:39 <xek> and that's the only place it appears in, so looks like a typo
15:26:15 <rajiv> typo in openstack or thales docu ?
15:26:49 <xek> yeah, maybe
15:30:03 <xek> if you get around to running it, we can fix the docs
15:30:50 <rajiv> i will check with Thales and raise a request accordingly, since both crypto algo exists
15:32:21 <xek> ok, thanks for doing this!
15:32:35 <xek> maybe actually both are correct...
15:33:25 <rajiv> ah ok
15:36:20 <xek> allright, let's go to the last topic
15:36:22 <xek> #topic Bug Review
15:37:07 <xek> There were no new bugs reported
15:37:41 <xek> Have a great weak and let's meet next Monday!
15:37:45 <xek> #endmeeting