On Wed, 16 Sep 2009, Mark Copper wrote:
> On Tue, Sep 15, 2009 at 06:27:45PM -0400, Perrin Harkins wrote:
>> On Tue, Sep 15, 2009 at 11:54 AM, Mark Copper
>> <mcop...@titaninterface.com> wrote:
>>> My question: ?Is there a guarantee that two separately generated cookies
>>> are different? ?Or is it just probable?
>>
>> You're asking about the uniqueness of the IDs in the cookies? Since
>> you chose Apache::Session::MySQL, you can look at the code for that
>> class and see that it uses Apache::Session::Generate::MD5, which you
>> can also see the code for. It does not guarantee uniqueness. You can
>> switch to one of the other Apache::Session::Generate:: subclasses if
>> you like. Read the Apache::Session documentation for more.
>>
>> - Perrin
>
> Hi Perrin,
>
> Yes, I wanted to know whether two trips through
> tie %session, 'Apache::Session::MySQL';
> $id = $session{_session_id};
>
> was sure to give two different id's.
>
> And yes, I was having trouble with the docs. Thank you for your help.
>
> So the answer to my question is "no". In fact, MD5 is not considered
> "collision resistant".
Practically speaking, the chances of a collision are ridiculously low. MD5
is problematic for passwords but for generating unique ids like this, it's
almost certainly good enough.
Of course, if your application is going trillions+ of sessions per hour,
maybe it's not suitable ;)
-dave
/*============================================================
http://VegGuide.org http://blog.urth.org
Your guide to all that's veg House Absolute(ly Pointless)
============================================================*/
------------------------------------------------------------------------------
Come build with us! The BlackBerry® Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9-12, 2009. Register now!
http://p.sf.net/sfu/devconf
_______________________________________________
Mason-users mailing list
Mason-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mason-users
