From: Ed Tanous <ed.tanous@intel.com>
To: openbmc@lists.ozlabs.org
Subject: Re: New repo request: phosphor-ipmi-blobs-skm
Date: Thu, 6 Dec 2018 10:31:25 -0800 [thread overview]
Message-ID: <012da767-1f7c-6bff-ad47-afaa352b8242@intel.com> (raw)
In-Reply-To: <CAGMNF6VE0JaN93hZT5_PNYgu-inpx5JTWk4NhpS6=VuBuxpEzA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2094 bytes --]
Can you go into a little more details on what this repository would do?
A quick google of "storage key management" didn't really turn up much in
terms of specifics. Is there a spec or design doc you could point us at?
Some initial questions I have (assuming this repo relates to key management)
1. How would this repository relate to phosphor-certificate-manager?
Reimplementation of the same interface? Different? What are the major
differences that would warrant not simply putting the implementation
there? Some of my confusion here is that phosphor-certificate-manager
has an implementation that can store certificates and private keys, and
has gone through many rounds of review on the interfaces. I'm worried
that another key manager would simply be duplicating functionality that
already exists (although I hope not).
2. What interfaces and workflows would this implementation support?
What does this implementation let us do that we can't do already?
3. When you say the storage format is SKM specific, what does that mean?
-Ed
On 12/6/18 10:19 AM, Kun Yi wrote:
> Hi Brad,
>
> May I request a new repository: phosphor-ipmi-blobs-skm?
>
> It is a phosphor-ipmi-blobs[1] based handler that supports simple
> binary data read/write/enumerate operations from the host to a storage
> only visible to BMC. Google uses it for storing Storage Key Management
> (SKM) specific binary data, and it may probably belong to the openBMC
> customizations that Google want to publish and permit others to use.
>
> Currently the storage format is skm specific, but it could be expanded
> to support other use cases, thus the "phosphor" naming. If you feel
> that it is still Google-specific, then "google-ipmi-blobs-skm" is
> acceptable as well. We can always rename this later if the use cases
> expand. =)
>
> Please add myself, Benjamin Fair (benjaminfair@google.com
> <mailto:benjaminfair@google.com>), and Patrick Venture
> (venture@google.com <mailto:venture@google.com>) as maintainers. Thanks!
>
> [1] https://github.com/openbmc/phosphor-ipmi-blobs
> --
> Regards,
> Kun
[-- Attachment #2: Type: text/html, Size: 3664 bytes --]
next prev parent reply other threads:[~2018-12-06 18:29 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-06 18:19 New repo request: phosphor-ipmi-blobs-skm Kun Yi
2018-12-06 18:31 ` Ed Tanous [this message]
2018-12-07 18:35 ` Kun Yi
2018-12-10 21:20 ` Kun Yi
2018-12-17 23:16 ` New repo request: phosphor-ipmi-blobs-binarystore Kun Yi
2019-01-14 15:55 ` Brad Bishop
2019-01-14 19:09 ` Kun Yi
2019-01-14 21:10 ` Brad Bishop
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=012da767-1f7c-6bff-ad47-afaa352b8242@intel.com \
--to=ed.tanous@intel.com \
--cc=openbmc@lists.ozlabs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.