Comment 8 for bug 1391311

I suppose that depends on whether 1. all Cinder driver interactions were subsequently audited to confirm this was implemented across the board, 2. the same is implemented for other internal communication relied on by Cinder (HTTPS with certificate validation for REST calls? encrypted and authenticated message queues?), and 3. we plan to phase in "secured internal communication" expectations in different parts of the OpenStack integrated release at different times (how many sites are running Cinder with no Nova?).