[Image-Encryption] current state

Josephine Seifert josephine.seifert at secustack.com
Fri Jun 19 11:46:35 UTC 2020


Hi from the image-encryption-popupteam,

we would like to provide a summary of what happened during the last year:

1. Secret Consumers in Barbican [1]

As a foundation for the image encryption - and to not accidentally
delete a secret which is still in use - the Barbican team implemented
the secret consumers. There is still some work ongoing for the API part.
We will use this feature whenever an image is encrypted.

2. Specs

We wrote Specs to describe what Image Encryption is and how it would
affect Glance, Cinder and Nova.

The Cinder spec got merged [2]. The Glance spec is still being reviewed
[3]. And the Nova spec is abandoned [4].

Nova is currently not part anymore, because of a missing ephemeral
storage encryption needed for a coherent security mode.

3. WIP-patches

We implemented two WIP-patches to let Glance devs get a better idea of
how image encryption is affecting Glance. We provided a patch for Glance
[5] and one for os-brick [6], which handles the encryption and
decryption of images.


[1] https://review.opendev.org/#/q/project:openstack/barbican+secret-consumer
[2] https://review.opendev.org/#/c/608663/
[3] https://review.opendev.org/#/c/609667/11
[4] https://review.opendev.org/#/c/608696/
[5] https://review.opendev.org/#/c/705445/
[6] https://review.opendev.org/#/c/709432/

We appreciate reviews on the spec and the WIP-patches.

greetings
Josephine (Luzi) & Markus (mhen)




