mcr-dyas | There was an email about a cloud-init conference/meeting... did a decision get made yet? | 05:39 |
---|---|---|
mcr-dyas | https://lists.launchpad.net/cloud-init/msg00428.html not seeing any followup.... it's now approaching the first (Feb) choice :-)... and I'd like to fit into my schedule. | 05:43 |
=== djhankb3 is now known as djhankb | ||
=== pmcnabb1 is now known as pmcnabb | ||
=== danieli9 is now known as danieli | ||
meena | mcr-dyas: not that i remember | 11:34 |
meena | all i know is that i probably can't join | 11:34 |
=== ryland_ is now known as ryland | ||
mcr-dyas | meena, if it's virtual only, it can become quite accessible. | 15:41 |
mcr-dyas | my interest is in provisioning IDevID certificates into virtual appliances, this might lead to more typical WebPKI certificates, or it may be part of a more dynamic interaction (TLS certifications for postgres mutual authentication). Given virtual/fTPM to hold/generate the secret, the problem of snapshots vs private keys becomes much less. One way to do this is to provision a symmetric secret or an ephemeral asymmetric pair via clo | 16:08 |
mcr-dyas | ud-init, and then use that with RFC7030 to provision the long-term TPM backed credential. But, I feel like that's the long way around. | 16:08 |
meena | mcr-dyas: how would the preferred solution work? | 18:28 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!