Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-15862

Use "allow list" or "safe list" instead of the term "whitelist"

    XMLWordPrintableJSON

    Details

      Description

      Language matters. I'd like to remove all references in Apache Airflow to whitelist or black list, and the Cassandra Python API has some that we can't easily remove.

      The recent global events have made this even more relevant, but this has been on my radar for a while now. Here is a well written article for why I think it matters

      https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white

      It's fairly common to say whitelisting and blacklisting to describe desirable and undesirable things in cyber security.

      However, there's an issue with the terminology. It only makes sense if you equate white with 'good, permitted, safe' and black with 'bad, dangerous, forbidden'. There are some obvious problems with this.

      My exposure to is via the Python API where there is the cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be renamed to AllowListRoundRobinPolicy instead. I do not know if there are other references.

        Attachments

          Activity

            People

            • Assignee:
              samt Sam Tunnicliffe
              Reporter:
              ash Ash Berlin-Taylor
              Authors:
              Sam Tunnicliffe
              Reviewers:
              Jordan West
            • Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: