> On 04 Feb 2016, at 14:02, Henrik Johansen <[email protected]> > wrote: > >> >> On 04 Feb 2016, at 12:52 , Sven Van Caekenberghe <[email protected]> wrote: >> >> >>> On 04 Feb 2016, at 11:55, Guille Polito <[email protected]> wrote: >>> >>> Good news, so far, installing NeoUUID and replacing UUID class >> new by: >>> >>> UUID class >> new >>> ^NeoUUIDGenerator new next >>> >>> seems to work. At it looks that I can trust again my commits. >>> >>> Thanks Sven :) >> >> OK. >> >> Now, the idea is that one instance of the generator is kept around, this is >> way more efficient, but also more correct, as the random generator should >> not be created anew each time. >> >>> Now I do not know how this should be solved, nor if this is reproducible in >>> a machine other than mine... >> >> I seriously doubt the plugin is better (more random, more unique) then >> anything that we can do in Pharo itself. I like Pharo code way better, >> because we all see what it does. >> >> Anyone else with an opinion ? > > More random for certain, at least much faster than we could do in Pharo, is > certainly possible with a plugin. > More unique... well, depends on whether you can trust the source RNG (seeded > from data with enough entropy, period much greater than 2^128, etc). > > A single next:into:startingAt: primitive filling random data (obtained using > platform primitives and/or RDRAND/RDSEED) into a buffer would be much > nicer/more flexible than the current UUID primitive though. (the linked UUID > library is basically just a thin wrapper around the platform primitives, plus > setting variant/version bits in the returned UUID bytes) > > As a stopgap, one could instead use another, more general primitive (but with > a less flexible api than next:into:startingAt:) in an otherwise unrelated > plugin (but that is built internal to all Cog VM's, at least): > rand: aBuffer > <primitive: 'primitiveGatherEntropy' module: 'CroquetPlugin'> > ^self primitiveFail > > (which, iirc, resolves to the same platform primitives as UUID lib) > > Also, the meaning of different UUID versions are well defined in the RFC, > marking NeoUUID's as being a version 4 UUID seems somewhat ... disingenuous.
Yes, but to 99.99% of developers, a UUID is something special/magic where some effort was made to generate something as unique as possible. If we insist on it being just 128 random bits, then why all the fuss ? Why do we even need so called standards ? Why do we need a plugin, an implementation even ? It makes no sense. Just read 16 bytes from /dev/[u]random, or the equivalent use of a RNG and be done with it. But if you tell developers that their database IDs are just plain random numbers, they will probably feels less good about them. To me UUID is a specific concept: << The intent of UUIDs is to enable distributed systems to uniquely identify information without significant central coordination. In this context the word unique should be taken to mean "practically unique" rather than "guaranteed unique". >> Not including any 'node' information (identifying process, image, VM, machine, network endpoint), nor 'counter' does not feel right. > Cheers, > Henry
