On Tue, Jan 17, 2017 at 8:04 AM, Duncan Thomas <duncan.tho...@gmail.com> wrote: > controls than this, but they never showed up AFAIK. And that's just the > problem - people think 'Oh, barbican is storing the cinder volume secrets, > great, we're secure' when actually barbican has made the security situation > worse not better. It's a pretty terrible secrets-as-a-service product at the > moment. Fixing it is not trivial.
So this is the second time you've asserted that Barbican is "a pretty terrible secrets-as-a-service product". Instead of repeatedly saying the same thing, have you worked with them on this? From your own accounts, it sounds like you're not providing the constructively critical feedback necessary to help the Barbican team and haven't attempted to prior to this thread (although I'd not call your criticisms constructive). I somehow doubt you'd be accepting of this kind of feedback if it were aimed at Cinder. Are there open bugs that have been ignored that you've filed? Items you've brought up at their meetings? To be clear, I started this thread to help the Barbican team gather actionable items to further adoption because it seems a worthwhile goal. Yes Barbican can improve, so can Cinder. So let's keep these discussions constructive, okay? -- Ian Cordasco __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
