There are some minor points, but I agree that it basically boils down to 
“serial IDs break security-by-obscurity.”

That’s true, but….


> On Nov 30, 2017, at 9:00 AM, Keith Medcalf <> wrote:
> Well, in my opinion the guy is an idiot.  The way to avoid the issues he is 
> describing as the problems with serial IDs (or using the RowID) are simple to 
> avoid:  DO NOT DO THOSE THINGS!  If you know that disclosing the RowID in a 
> URL is ungood, then DO NOT DO THAT.  Sheesh.  As my good buddy Buggs Bunny 
> would say "What a maroon!".

>> -----Original Message-----
>> From: sqlite-users [mailto:sqlite-users-
>>] On Behalf Of Simon Slavin
>> Sent: Thursday, 30 November, 2017 07:16
>> To: SQLite mailing list
>> Subject: [sqlite] Article on AUTOINC vs. UUIDs
>> Thought some of you might enjoy seeing this article.  I make no
>> comment on what I think of the reasoning therein.  It’s set in the
>> PostgreSQL world, but you could make an external function for SQLite
>> which generates UUIDs.
>> <
>> increment-is-a-terrible-idea/>
>> "Today, I'll talk about why we stopped using serial integers for our
>> primary keys, and why we're now extensively using Universally Unique
>> IDs (or UUIDs) almost everywhere."
>> Simon.
>> _______________________________________________
>> sqlite-users mailing list
> _______________________________________________
> sqlite-users mailing list

sqlite-users mailing list

Reply via email to