* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2008-06-24 21:49]: > > The reason why UUIDs are here is to allow analysis to be done on the server > > side as to what is happening in individual images. For example, for > > packages a and b, how many images downloaded one or the other or both. > > When there are multiple images per system, or multiple systems behind a > > firewall, the IP address in the log isn't enough to answer these questions. > > Right. I understand this part of the rationale. > > > The original intent was to have one UUID per image, but based on Stephen's > > input, the design was changed to one UUID per authority to avoid potential > > concerns about cross-authority correlation without the users consent > > through a registration. > > This is one area where I'm not sure that I agree. Servers already have > the IP address and version-id from their clients. The UUID is anonymous > in that it doesn't contain any information about who the client actually > is. I'm not sure I understand why a per-authority UUID would be > desirable. I'm assuming that sites where privacy concerns are prevalent > would simply want to disable the UUID altogether. > > Do we have a customer use case where a per-authority UUID is okay, but a > per-image UUID isn't? I was anticipating some privacy concerns--there's no reason to allow two separate publishers to get together to correlate your package retrievals, or to allow someone to compel such correlation. By the way, I think one of the assumptions above is that the IP address of a client is unchanging. That's not true, in general.
> > The --reset-uuid is how you get the UUID there in the first place. Running > > it again or running --unset-uuid allows the user to opt-out of the tracking > > that is being done. > > One of the comments that Stephen supplied in this thread was that the > UUID should be opt-out, not opt-in. I think that, because the image in an ISO is copied around the world, the default outcome should be that the installer and zoneadm commands have to reset the UUID after the image has been duplicated to disk. (Customized distributions can skip this step, of course.) I guess the real question to Tom is "what does set-authority" do to the UUID for a new authority? The answer for set-authority and image-create should be the same. - Stephen -- [EMAIL PROTECTED] http://blogs.sun.com/sch/ _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
