Barbican Project Specifications¶
Train approved specs:
Pike approved specs:
Newton approved specs:
Mitaka approved specs:
Liberty approved specs:
- Allow Admins to add CAs
- Add Crypto/HSM MKEK Rotation and Migration Support (Lightweight)
- Add Transport Cert Reference
- Add List of Group-IDs to ACL for Secrets and Containers
- Add auditing capability via CADF based notification events
- Remove the tenant-secret association table
- Expose CA enrollment templates
- Add Version Responses Consistent with Openstack
- Add quota support for Barbican resources
Kilo approved specs:
- Adding per-secret policy to allow the storing of private secrets
- Storing metadata to allow the use of per-secret policy
- Add ability for functional tests to run as different users
- Add worker retry and future updates support
- Change GET decrypted secrets to unique URI
- KMIP MKEK Model Plugin
- Common Certificate API
- Define Content Types for API and Secret Store
- Identify available CAs
- Replace the concept of tenants in the code-base in favor of projects
- Snakeoil CA Certificate Manager Plugin
Juno approved specs:
- Add certificate to container type
- Add Certificate Generation and Management To Orders
- Transport Key Wrapping
- Barbican Spec - Barbican Consumer Registration
- Add more types to the orders resource
- Remove the project-id from Barbican resource URIs
- Enforce content type on barbican REST API
- Add containers to python-barbicanclient
- Refactor Client Entity Models
- Consume Keystone Project Delete Events
- Creation of a Babrican Plugin to use HP Atalla ESKM.
- Introduce Oslo’s cliff as cli framework for Barbican
- Restructure project to better accommodate all plugin types
- Restructure PKCS11 Plugin
