On 13/11/13 23:35, Chris Friesen wrote:
On 11/13/2013 04:19 PM, Zane Bitter wrote:

Of course the idempotency token *should* be just the name, but since
most projects have inexplicably chosen not to enforce unique names (in
tenant scope), we're in the odd position of requiring 3 ways to look up
any resource (by name, UUID, and idempotency token). That's bonkers, but
what can you do?

Why would the idempotency token not be the UUID?  Presumably that should
be unique.

Yes, but you don't know the UUID until you know it, and by then it's too late (the resource has been created). So the idempotency token has to be something passed in by the user.

You could allow the user to supply the UUID (you would obviously check it for uniqueness). There are, however, many possible ways in which that could go horribly wrong (e.g. if you sharded based on UUID, an attacker might be able to exploit that to overload one of your machines; the uniqueness check leaks information from other tenants, &c.)

cheers,
Zane.

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
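
The trade-off discussed in this message, as an added example that is not part of the original post or any OpenStack project's code: a client-supplied UUID checked for global uniqueness, next to a client-supplied idempotency token scoped to the tenant with the UUID generated by the server. `ResourceStore`, its method names, the tenant names and the sample UUID are hypothetical.

```python
import uuid


class Conflict(Exception):
    """Raised when a create request collides with an existing record."""


class ResourceStore:
    """In-memory stand-in for a multi-tenant resource API (hypothetical)."""

    def __init__(self):
        self.by_uuid = {}    # uuid -> (tenant, name); global namespace
        self.by_token = {}   # (tenant, token) -> uuid; per-tenant namespace

    def create_with_client_uuid(self, tenant, client_uuid, name):
        # Design the message warns about: the uniqueness check spans all
        # tenants, so a Conflict reveals that another tenant uses this UUID.
        if client_uuid in self.by_uuid:
            raise Conflict("UUID already in use")
        self.by_uuid[client_uuid] = (tenant, name)
        return client_uuid

    def create_with_token(self, tenant, token, name):
        # The token is looked up only inside the caller's tenant, so the
        # outcome never depends on what other tenants have created.
        key = (tenant, token)
        if key in self.by_token:
            return self.by_token[key]      # retry: same resource comes back
        new_uuid = str(uuid.uuid4())       # server-chosen identifier
        self.by_uuid[new_uuid] = (tenant, name)
        self.by_token[key] = new_uuid
        return new_uuid


def demo():
    store = ResourceStore()
    # Retry after a lost response: the same token yields the same resource.
    first = store.create_with_token("tenant-a", "tok-1", "web")
    retry = store.create_with_token("tenant-a", "tok-1", "web")
    # Another tenant reusing the token string gets an independent resource.
    other = store.create_with_token("tenant-b", "tok-1", "web")
    # Client-supplied UUID: tenant-b's request fails because of tenant-a's data.
    shared = "11111111-1111-1111-1111-111111111111"  # constructed sample value
    store.create_with_client_uuid("tenant-a", shared, "db")
    try:
        store.create_with_client_uuid("tenant-b", shared, "db")
        leaked = False
    except Conflict:
        leaked = True
    return first == retry, first != other, leaked
```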
