Transaction GUIDs [Was: Writing a Sharp Zaurus PDA GnuCash Companion]

[Linas Vepstas]

repsonding to very old email,
now that I am getting email again...


On Fri, Aug 23, 2002 at 12:38:40PM +0100, Colin Pinkney was heard to remark:
>=20
>=20
> I was just looking at how GUIDs are generated, but couldn't quite figure =
it
> out. Seems to  have something to do with randomly selecting md5sums of
> files that constantly change.
>=20
> I'm know very little about pseudo-random algorithms and want to keep it
> simple so I'm hoping /proc/sys/kernel/random/uuid has enough entropy. But=
 I
> guess in the end as long as it's a unique 128bit number (stored in hex
> format) it doesn't really matter, does it?=20

it matters a lot. md5 has been mathematically proven to generate unique
id's.  Most all naive algorithms fail to do so, in ways that seem subtle=20
to the naive developer but are well knows to crypto types and hackers.

(the linux kernel uuid algo is probably quite good.)

--linas


--=20
pub  1024D/01045933 2001-02-01 Linas Vepstas (Labas!) <linas@linas.org>
PGP Key fingerprint =3D 8305 2521 6000 0B5E 8984  3F54 64A9 9A82 0104 5933