On Fri, 15 Nov 2013 12:46:44 +0100
Zane Bitter <zbit...@redhat.com> wrote:
> Yes, but you don't know the UUID until you know it, and by then it's too
> late (the resource has been created). So the idempotency token has to be
> something passed in by the user.
I completely agree with you that token has to be something passed in by
the user.
> You could allow the user to supply the UUID (you would obviously check
> it for uniqueness). There is however, many possible ways in which that
> could go horribly wrong (e.g. if you sharded based on UUID, an attacker
> might be able to exploit that to overload one of your machines; the
> uniqueness check leaks information from other tenants, &c.)
Umm...
Thank you for important comments.
I understood your comment imply that idempotency token has to generate by
trusted services. (e.g. keystone?)
One of other hand, I'm thinking for easily way to implement idempotency token.
In my idea, idempotency token has to:
- be String (Don't use UUID)
# for avoiding UUID generate problem
- isolate per tenant
# for avoiding uniqueness check leaks
is appropriate. What do you think about that?
--------------------
Mitsuru Kanabuchi
NTT Software Corporation
E-Mail : kanabuchi.mits...@po.ntts.co.jp
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
