On 05/04/2009, at 5:02 AM, Greg Guerin wrote:
An object's -hash method is not guaranteed to return a unique
value. Different objects can have the same hash as other objects of
the same type, or of different types. Therefore, if you are
calculating a SHA-1 hash of the -hash value returned from the
NSDate, your authentication can be spoofed by an unknown number of
other NSDate objects that return the same value from -hash.
Sure, I understand that. Actually the SHA-1 hash is derived from the -
hash of several objects, not just the date. My take is that the
combination of the several objects (typically about 8 different pieces
of information) is sufficiently unique to be unspoofable in practice.
And in fact the SHA-1 is only used as a signature anyway, not as a
unique value in its own right - the existence of identical SHA-1
hashes for different info sets wouldn't matter.
I suspect that when you write an expiry NSDate to a plist file, it
represents your local date and time. This expiry is then expiring
at your local time, not the recipient's local time. However, since
it's later in your location than almost anywhere else in the world,
the recipient perceives the expiration as premature.
The problem is not in the localization of NSDate. The problem is in
not accounting for time-zone differences between your location and
the user's location.
Nice thought, but not the case. The expiry is firing several months
too early, not just a few hours. While the date written does represent
my local time, the exact expiry would only be affected by a few hours.
I pretty much don't care about that - I don't tell the user to the
second when it will expire anyway, only which day.
However it does seem as if writing out the date as seconds since 1970
(or a string, as Tommy suggested) might be safer and cut out any
potential gotchas that I haven't realised existed.
--Graham
_______________________________________________
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
