> The reason why UUIDs are here is to allow analysis to be done on the server > side as to what is happening in individual images. For example, for > packages a and b, how many images downloaded one or the other or both. > When there are multiple images per system, or multiple systems behind a > firewall, the IP address in the log isn't enough to answer these questions.
Right. I understand this part of the rationale. > The original intent was to have one UUID per image, but based on Stephen's > input, the design was changed to one UUID per authority to avoid potential > concerns about cross-authority correlation without the users consent > through a registration. This is one area where I'm not sure that I agree. Servers already have the IP address and version-id from their clients. The UUID is anonymous in that it doesn't contain any information about who the client actually is. I'm not sure I understand why a per-authority UUID would be desirable. I'm assuming that sites where privacy concerns are prevalent would simply want to disable the UUID altogether. Do we have a customer use case where a per-authority UUID is okay, but a per-image UUID isn't? > The --reset-uuid is how you get the UUID there in the first place. Running > it again or running --unset-uuid allows the user to opt-out of the tracking > that is being done. One of the comments that Stephen supplied in this thread was that the UUID should be opt-out, not opt-in. http://mail.opensolaris.org/pipermail/pkg-discuss/2008-May/003578.html I would much rather see the UUID attached to the image during image-create. (Or on subsequent pkg(1) operation for upgraded clients). Those who choose to opt-out could call: pkg unset-uuid That would drastically simplify the user interface, and provide more tracking information by default to the servers. -j _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
