Dear OpenStack Community, I am currently contributing to the Sovereign Cloud Stack (SCS—https://scs.community/) initiative, specifically focusing on enhancing the security of our services through End-to-End (E2E) encryption, particularly in environments where the networking infrastructure isn't directly managed or owned by the OpenStack operator. This scenario is common in colocation settings, Our servers may span multiple racks or buildings that are not entirely under our control. My current focus has been on developing a threat model that addresses potential Man In The Middle (MITM) attacks, such as wiretapping or spoofing, could target physical cables or networking devices. This model is inspired by the security considerations in RFC 8926 I have detailed this model in a GitHub issue: https://github.com/SovereignCloudStack/issues/issues/532#issuecomment-199098... if someone would like to take a deeper look at it and provide feedback. We would greatly value your expertise and feedback on this, either directly on GitHub or via this mailing list. Considering the technical implementation, I'm inclined to employ IPSec, inspired by its usage in TripleO: https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features... I'd like to hear your insights, recommendations, or experiences regarding the threat model. Are there other potential threats that should be on our radar? If you're aware of any existing solutions or have faced similar challenges, your guidance would be immensely helpful. Thank you in advance for your valuable contributions. I look forward to your feedback. Best Regards, Filip Dobrovolný