> > Is anyone following the openstack-security list and/or part of the > OpenStack Security Group (OSSG)? This sounds like another group and list > we should keep our eyes on. >
I'm one of the OSSG leads. We'd certainly welcome your involvement in OSSG. In fact, there has been much interest in OSSG about the Barbican project. And I believe that many people from the group are contributing to Barbican. > In the below thread on the security list, Nathan Kinder is conducting a > security audit of the various integrated OpenStack projects. He's > answering questions such as what crypto libraries are being used in the > projects, algorithms used, sensitive data, and potential improvements that > can be made. Check the links out in the below thread. > > Though we're not yet integrated, it might be beneficial to put together > our security audit page under Security/Icehouse/Barbican. > This would be very helpful. If there's anything I can do to help facilitate this, just let me know. Cheers, -bryan
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
