I'd try and avoid blocking the pool name. Otherwise we have to store all pool names.
I'd create messages when a user is added to or deleted from a pool. I'd also create messages when a pool is created or deleted. I'll create a JIRA item for this when Apache is working again.

D.

On Wed, Sep 30, 2009 at 11:19 AM, Xuefeng Wu <[email protected]> wrote:
> @Richard It's my pleasure to do this.
> I agree with Vassil. I would start to technical design and develop after we
> reach an agreement.
>
> On Wed, Sep 30, 2009 at 5:09 PM, Vassil Dichev <[email protected]> wrote:
>
>> > We should have unique Id which can not be deleted. User or Pool could have
>> > same name but have different unique id which only system know.
>> >
>> > The pool name can not have duplicate validate same name,
>> > but the validate pool could have a name as same as invalidate pool.
>>
>> This is not a technical problem, but a social engineering aspect of
>> security. The user will not see this id, and even if they do, they
>> won't care. The thing they will see is the pool name. So if one day
>> the pool is deleted and on the next day another pool is added by a
>> different person, but with the same name, the user might be tricked
>> into sending confidential messages to that pool.
>>
>> One way to alleviate the problem is to trigger a message that a user
>> has been added to a pool. But will this be enough? Or should we block
>> the pool name forever, even when the pool has been deleted?
>>
>> Vassil
>>
>
> --
> Global R&D Center, Shanghai China, Carestream Health, Inc.
> Tel:(86-21)3852 6101
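
The notification approach discussed in this thread, as an added example that is not code from the thread or from the project: pools are keyed by an internal id, a name only has to be unique among live pools, and every create, delete, add and remove produces a message, so a user re-added to a same-named pool sees who owns it now. The class, method names, message wording and the users alice, bob and carol are assumptions made for illustration.

```python
import itertools
from collections import defaultdict

class PoolRegistry:
    """Pools keyed by an internal id; names are unique only among live pools."""

    def __init__(self):
        self._ids = itertools.count(1)
        self.pools = {}                 # pool_id -> {"name", "owner", "members"}
        self.inbox = defaultdict(list)  # user -> notification messages

    def _notify(self, users, text):
        for user in users:
            self.inbox[user].append(text)

    def create_pool(self, owner, name):
        if any(p["name"] == name for p in self.pools.values()):
            raise ValueError(f"pool name {name!r} is in use")
        pool_id = next(self._ids)       # never reused, never shown to users
        self.pools[pool_id] = {"name": name, "owner": owner, "members": {owner}}
        self._notify([owner], f"pool '{name}' created by {owner}")
        return pool_id

    def delete_pool(self, pool_id):
        pool = self.pools.pop(pool_id)  # the name is not kept or blocked
        self._notify(pool["members"], f"pool '{pool['name']}' deleted")

    def add_user(self, pool_id, user):
        pool = self.pools[pool_id]
        pool["members"].add(user)
        # Naming the owner is what lets a user tell two same-named pools apart.
        text = f"{user} added to pool '{pool['name']}' (owner {pool['owner']})"
        self._notify(pool["members"], text)

    def remove_user(self, pool_id, user):
        pool = self.pools[pool_id]
        self._notify(pool["members"], f"{user} removed from pool '{pool['name']}'")
        pool["members"].discard(user)

def name_reuse_scenario():
    """Constructed scenario: a pool is deleted, then its name is reused."""
    reg = PoolRegistry()
    first = reg.create_pool("alice", "finance")
    reg.add_user(first, "bob")
    reg.delete_pool(first)
    second = reg.create_pool("carol", "finance")  # same name, different person
    reg.add_user(second, "bob")
    return reg, first, second
```

In the scenario, bob's inbox shows the deletion followed by a second "added" message naming a different owner, which is the only signal he gets that the pool behind the familiar name has changed.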
