OpenStack Identity (keystone)

Secure Secret Storage

Registered by justinsb on 2012-05-01

(The only S3 you need to know)

Storing crypto secrets in Keystone, which are unlocked by the action of authenticating, so that the secret is not actually stored (unencrypted) anywhere.

Those secrets can then be used by any service authenticating with Keystone, so e.g. Swift can encrypt images.

Read the full specification

Blueprint information

Status:: Complete

Approver:: None

Priority:: Low

Drafter:: None

Direction:: Needs approval

Assignee:: None

Definition:: Superseded

Series goal:: None

Implementation:: Unknown

Milestone target:: None

Completed by: Dolph Mathews on 2013-12-03

Related branches

Related bugs

Sprints

Whiteboard

https://github.com/stackforge/barbican
Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments.

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Oleg S. Gelbukh

Patrick Cheung

Paul Sarin-Pollet

Wyllys Ingersoll