On Dec 8, 2006, at 12:33 PM, Phillip J. Eby wrote:
At 12:25 PM 12/8/2006 -1000, Brian Kirsch wrote:
On Dec 8, 2006, at 12:12 PM, Phillip J. Eby wrote:
Note also that there are privacy issues involved in having a UUID
that gets carried in all communications. I would also suggest that
if we do this for sharing purposes, it should be a different and
*secure* UUID (i.e., one not generated using the Ethernet hardware
address) for each effective sharing conduit, to minimize the amount
of trackable information being distributed about the person's
machine.
+1 the UUID would just be a random id and have no ties to the users
hardware or software.
Not only that, but it would have to be a *different* UUID for each
email account, or the user's identity can be compromised. For
example, if I use an email account with a phony name or "handle"
for one set of purposes, and another account with my real name, for
work/business purposes, my identity is compromised if Chandler uses
the same UUID on both sets of email. Somebody who has seen an
email from *either* account can potentially Google the UUID to find
what other email accounts have used the same Chandler client! This
would be a serious failure to protect user privacy.
Yes good point. I think I might go with the message id caching
strategy instead. I need to think about this some more.
Thanks,
Brian
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Open Source Applications Foundation "chandler-dev" mailing list
http://lists.osafoundation.org/mailman/listinfo/chandler-dev
