Uploaded image for project: 'Apache Cassandra'
  1. Apache Cassandra
  2. CASSANDRA-15862

Use "allow list" or "safe list" instead of the term "whitelist"

    XMLWordPrintableJSON

Details

    Description

      Language matters. I'd like to remove all references in Apache Airflow to whitelist or black list, and the Cassandra Python API has some that we can't easily remove.

      The recent global events have made this even more relevant, but this has been on my radar for a while now. Here is a well written article for why I think it matters

      https://www.ncsc.gov.uk/blog-post/terminology-its-not-black-and-white

      It's fairly common to say whitelisting and blacklisting to describe desirable and undesirable things in cyber security.

      However, there's an issue with the terminology. It only makes sense if you equate white with 'good, permitted, safe' and black with 'bad, dangerous, forbidden'. There are some obvious problems with this.

      My exposure to is via the Python API where there is the cassandra.pollicies.WhiteListRoundRobinPolicy class. I propose that this be renamed to AllowListRoundRobinPolicy instead. I do not know if there are other references.

      Attachments

        Activity

          People

            samt Sam Tunnicliffe
            ash Ash Berlin-Taylor
            Sam Tunnicliffe
            Jordan West
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: