> the cinder admin and the nova admin are ALWAYS the same people There is interest in hybrid clouds where the Nova and Cinder services are managed by different providers. The customer would place higher trust in Nova because you must trust the compute service, and the customer would place less trust in Cinder. One way to achieve this would be to have all encryption done by Nova. Cinder would simply see encrypted data and provide a good cheap storage solution for data.
Consider a company with sensitive data. They can run the compute nodes themselves and offload Cinder service to some third-party service. This way they are the only ones who can manage the machines that see the plaintext. -Nate __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
