On 04/18/2014 09:27 AM, Bryan D. Payne wrote: > Is anyone following the openstack-security list and/or part of the > OpenStack Security Group (OSSG)? This sounds like another group and > list > we should keep our eyes on. > > > I'm one of the OSSG leads. We'd certainly welcome your involvement in > OSSG. In fact, there has been much interest in OSSG about the Barbican > project. And I believe that many people from the group are contributing > to Barbican. > > > In the below thread on the security list, Nathan Kinder is > conducting a > security audit of the various integrated OpenStack projects. He's > answering questions such as what crypto libraries are being used in the > projects, algorithms used, sensitive data, and potential > improvements that > can be made. Check the links out in the below thread. > > Though we're not yet integrated, it might be beneficial to put > together > our security audit page under Security/Icehouse/Barbican. > > > This would be very helpful. If there's anything I can do to help > facilitate this, just let me know.
I'd definitely welcome this as well. The integrated projects seemed like a good place to start to me, but getting on board early with incubated projects like Barbican would be great. I'm happy to assist in any way I can. -NGK > > Cheers, > -bryan > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
