New repo request: phosphor-ipmi-blobs-skm

Ed Tanous ed.tanous at intel.com
Fri Dec 7 05:31:25 AEDT 2018 

Can you go into a little more details on what this repository would do? 
A quick google of "storage key management" didn't really turn up much in
terms of specifics.  Is there a spec or design doc you could point us at?

Some initial questions I have (assuming this repo relates to key management)

1. How would this repository relate to phosphor-certificate-manager? 
Reimplementation of the same interface?  Different?  What are the major
differences that would warrant not simply putting the implementation
there?  Some of my confusion here is that phosphor-certificate-manager
has an implementation that can store certificates and private keys, and
has gone through many rounds of review on the interfaces.  I'm worried
that another key manager would simply be duplicating functionality that
already exists (although I hope not).

2. What interfaces and workflows would this implementation support? 
What does this implementation let us do that we can't do already?

3. When you say the storage format is SKM specific, what does that mean?

-Ed

On 12/6/18 10:19 AM, Kun Yi wrote:
> Hi Brad,
>
> May I request a new repository: phosphor-ipmi-blobs-skm?
>
> It is a phosphor-ipmi-blobs[1] based handler that supports simple
> binary data read/write/enumerate operations from the host to a storage
> only visible to BMC. Google uses it for storing Storage Key Management
> (SKM) specific binary data, and it may probably belong to the openBMC
> customizations that Google want to publish and permit others to use.
>
> Currently the storage format is skm specific, but it could be expanded
> to support other use cases, thus the "phosphor" naming. If you feel
> that it is still Google-specific, then "google-ipmi-blobs-skm" is
> acceptable as well. We can always rename this later if the use cases
> expand. =)
>
> Please add myself, Benjamin Fair (benjaminfair at google.com
> <mailto:benjaminfair at google.com>), and Patrick Venture
> (venture at google.com <mailto:venture at google.com>) as maintainers. Thanks!
>
> [1] https://github.com/openbmc/phosphor-ipmi-blobs
> -- 
> Regards,
> Kun
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20181206/ec2a41dc/attachment.html>

More information about the openbmc mailing list