[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133719#comment-17133719 ] Ash Berlin-Taylor commented on CASSANDRA-15862: --- Thanks [~aboudreault] ! (Work, as always, rather got away from me, and I fell down when I needed to sign up for a new account) > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature > Components: Legacy/Core >Reporter: Ash Berlin-Taylor >Assignee: Sam Tunnicliffe >Priority: Normal > Fix For: 2.2.x, 3.0.x, 3.11.x, 4.0-alpha > > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133649#comment-17133649 ] Jordan West commented on CASSANDRA-15862: - Patch LGTM. The failing unit tests are known to be flaky and are unrelated (along with a clean run on trunk). Lets run the other parts of the suite besides unit tests for good measure but otherwise +1. > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature > Components: Legacy/Core >Reporter: Ash Berlin-Taylor >Assignee: Sam Tunnicliffe >Priority: Normal > Fix For: 2.2.x, 3.0.x, 3.11.x, 4.0-alpha > > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133375#comment-17133375 ] Alan Boudreault commented on CASSANDRA-15862: - Just created the python driver ticket about this: https://datastax-oss.atlassian.net/browse/PYTHON-1250 > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature >Reporter: Ash Berlin-Taylor >Priority: Normal > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128681#comment-17128681 ] Ash Berlin-Taylor commented on CASSANDRA-15862: --- No, not at all! Feel free. > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature >Reporter: Ash Berlin-Taylor >Priority: Normal > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128647#comment-17128647 ] Jordan West commented on CASSANDRA-15862: - [~jjirsa] you beat me to it > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature >Reporter: Ash Berlin-Taylor >Priority: Normal > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128645#comment-17128645 ] Jeff Jirsa commented on CASSANDRA-15862: Worth noting that while the python api is not in apache cassandra, that doesn't mean there's not room to fix things here: {code} jjirsa:cassandra jjirsa$ grep -ir whitelist src/ | wc -l 19 jjirsa:cassandra jjirsa$ grep -ir blacklist src/ | wc -l 65 jjirsa:cassandra jjirsa$ {code} > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature >Reporter: Ash Berlin-Taylor >Priority: Normal > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org
[jira] [Commented] (CASSANDRA-15862) Use "allow list" or "safe list" instead of the term "whitelist"
[ https://issues.apache.org/jira/browse/CASSANDRA-15862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17128619#comment-17128619 ] Jordan West commented on CASSANDRA-15862: - [~ash] thank you for raising this issue. Its great you are making an effort to change this. Unfortunately, at this time, the Python client is not *yet* under the purview of this JIRA -- the drivers are not currently owned by the Apache project. I will mention this ticket in our Slack channel where some of the client developers are also present. I would recommend contacting the project directly in the meantime: https://datastax-oss.atlassian.net/projects/PYTHON/issues/?filter=allissues&;. After that has been completed, it looks like we have some follow-up to do in cqlsh to remove the references. > Use "allow list" or "safe list" instead of the term "whitelist" > > > Key: CASSANDRA-15862 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15862 > Project: Cassandra > Issue Type: New Feature >Reporter: Ash Berlin-Taylor >Priority: Normal > > Language matters. I'd like to remove all references in Apache Airflow to > whitelist or black list, and the Cassandra Python API has some that we can't > easily remove. > The recent global events have made this even more relevant, but this has been > on my radar for a while now. Here is a well written article for why I think > it matters > https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white > {quote}It's fairly common to say whitelisting and blacklisting to describe > desirable and undesirable things in cyber security. > However, there's an issue with the terminology. It only makes sense if you > equate white with 'good, permitted, safe' and black with 'bad, dangerous, > forbidden'. There are some obvious problems with this. {quote} > My exposure to is via the Python API where there is the > cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be > renamed to AllowListRoundRobinPolicy instead. I do not know if there are > other references. -- This message was sent by Atlassian Jira (v8.3.4#803005) - To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org