Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder.erje.net!eu.feeder.erje.net!xlned.com!feeder7.xlned.com!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <christian@python.org>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=python.org; s=200901; t=1352853781; bh=4ae4KycgSJExxDHAhBpc/Kr7LSPE3gITCVD0mRdGtlE=; h=Message-ID:Date:From:MIME-Version:To:CC:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=x8HO6Lhf7RRpUP0ZCzXTAMBiAI5P699pzk16XHmti32EdWynYjIO2CRkcY2Q9D9hV HTeAW3la+EhbYo2CZ2WmZzoIzZY96IxesJUXMRidhUEm/6aBbO4sLc3oH8sxnJXJoR 92e8AP4JfzeIujv+3gKnes2pJak1P+7cD9tbHLt4=
Date: Wed, 14 Nov 2012 01:43:00 +0100
From: Christian Heimes <christian@python.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121028 Thunderbird/16.0.2
MIME-Version: 1.0
To: Chris Kaynor <ckaynor@zindagigames.com>
Subject: Re: Generate unique ID for URL
References: <0692e6a2-343c-4eb0-be57-fe5c815efb99@googlegroups.com> <k7ulda$geh$1@reader1.panix.com> <133e0be5-63af-4f72-9d0a-c59b04aa4ce4@googlegroups.com> <CALvWhxsMx34QdNNi0dpMCZ_VL055gSY8v_kNvfsEW7CSMK-N_w@mail.gmail.com>
In-Reply-To: <CALvWhxsMx34QdNNi0dpMCZ_VL055gSY8v_kNvfsEW7CSMK-N_w@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: "python-list@python.org" <python-list@python.org>, Richard <richardbp@gmail.com>
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.3656.1352853781.27098.python-list@python.org>
Lines: 20
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1352853781 news.xs4all.nl 6893 [2001:888:2000:d::a6]:59399
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:33279

Am 14.11.2012 01:26, schrieb Chris Kaynor:
> One option would be using a hash. Python's built-in hash, a 32-bit
> CRC, 128-bit MD5, 256-bit SHA or one of the many others that exist,
> depending on the needs. Higher bit counts will reduce the odds of
> accidental collisions; cryptographically secure ones if outside
> attacks matter. In such a case, you'd have to roll your own means of
> converting the hash back into the string if you ever need it for
> debugging, and there is always the possibility of collisions. A
> similar solution would be using a pseudo-random GUID using the url as
> the seed.

A hash is the wrong answer to the issue as a hash is open to all sorts
of attack vectors like length extension attack. If Robert needs to
ensure any kind of collision resistance than he needs a MAC, for example
a HMAC with a secret key.

If he needs some kind of persistent identifier than some like a URN or
DOI may be a better answer.

Christian