Incubation Proposal: CredHub (credential manager)


Daniel Jones
 

Hi all,

CredHub sounds awesome.

I noticed that the GitHub repository is in the `pivotal-cf` organisation
<https://github.com/pivotal-cf/credhub.git>.

Is CredHub going to be a proprietary value-add of the PCF distribution? Or
is it going to be OS for all to use, and owned by the Foundation?

Regards,
Daniel Jones - CTO
+44 (0)79 8000 9153
@DanielJonesEB <https://twitter.com/DanielJonesEB>
*EngineerBetter* Ltd <http://www.engineerbetter.com> - UK Cloud Foundry
Specialists

On 4 January 2017 at 19:52, Dan Jahner <djahner(a)pivotal.io> wrote:

Hi Mathias -

(Copying my reply in the doc for visibility) Correct, our initial plan is
for CredHub to store the service credentials. This feature work is a
separate initiative and a proposal will be sent out to the community for
comment before it is implemented.

We will not focus on applications directly leveraging CredHub beyond
service credentials for this work, but it will move us closer to enabling
that use case.

On Wed, Jan 4, 2017 at 12:38 AM Mathias Essenpreis <Mathias.essenpreis(a)sap.com> wrote:

Hi Dan,
thumbs up for the proposal.

Thinking about application secrets. You state to also cover "Conceal
service credentials from the Cloud Controller". Assuming you mean to
encrypt e.g. passwords that are stored in the env of an application, right?
So I assume this will help applications already to securely store their
secrets.

Is my assumption right?


Dan Jahner
 

Hi Daniel,

I'm glad you are excited for CredHub.

The repos are currently in pivotal-cf as a first step to open sourcing them
and moving them to the foundation. As soon as we get the official approval
on the incubation request, they will be moved to the appropriate CFF org.

Thanks,
Dan


Daniel Jones
 

Cool, good stuff.

Regards,
Daniel Jones - CTO
+44 (0)79 8000 9153
@DanielJonesEB <https://twitter.com/DanielJonesEB>
*EngineerBetter* Ltd <http://www.engineerbetter.com> - UK Cloud Foundry
Specialists



Michael Maximilien
 

Thanks all. We will be moving for a vote on CredHub this week.

Therefore it's important for all to chime in (if you have additional
questions or comments) on this proposal. Silence means all good.

Please use the Google Docs that Dan initially sent. Best,

max


--
max
http://maximilien.org
http://blog.maximilien.com


Michael Maximilien
 

Hi, all,

As discussed in the CAB call today, I would like to move the *CredHub*
proposal [1] to the next steps in order to become a CF incubator.

As per our process, since we are in the Review state, unless there are any
pending comments or objections I will move for a vote. Deadline to voice
your opinion is tomorrow midnight PDT.

So please, if you have any comment or questions about CredHub please
respond here or add to the proposal doc. Dan will respond directly.

If none, then the vote should occur soon after and I will report here on
the result.

Thanks for your time. Best,

max

cf-extensions pmc lead
ibm cloud labs
silicon valley, ca
maximilien.org

[1] https://docs.google.com/document/d/1iG28J2Lm8RY3BXCZqqNWO7v-G1ppcdK8cizlhbN_o4g/edit?usp=sharing

On Fri, Dec 16, 2016 at 3:15 PM, Dan Jahner <djahner(a)pivotal.io> wrote:

Hello Everyone,

Pivotal would like to propose to the Extensions PMC a new incubation
project focusing on credential management in Cloud Foundry. This product
may be used in a Cloud Foundry environment to centralize and secure
credential generation, storage, lifecycle management and access.

Project name: CredHub
Project proposal: https://docs.google.com/document/d/1iG28J2Lm8RY3BXCZqqNWO7v-G1ppcdK8cizlhbN_o4g/edit?usp=sharing
Proposed Project Lead: Dan Jahner (Pivotal)
Proposed Scope: See “Proposed Scope” in the proposal
Development Operating Model: Pairing Model
Technical Approach: See “Basic Architecture” and “BOSH Manifest
Implementation” in the proposal
Initial team committed: 6 engineers from Pivotal


Please let me know if you have any questions.

Thanks,
Dan Jahner
djahner(a)pivotal.io