There are some minor points, but I agree that it basically boils down to “serial IDs break security-by-obscurity.”
That’s true, but…. -j > On Nov 30, 2017, at 9:00 AM, Keith Medcalf <kmedc...@dessus.com> wrote: > > > Well, in my opinion the guy is an idiot. The way to avoid the issues he is > describing as the problems with serial IDs (or using the RowID) are simple to > avoid: DO NOT DO THOSE THINGS! If you know that disclosing the RowID in a > URL is ungood, then DO NOT DO THAT. Sheesh. As my good buddy Buggs Bunny > would say "What a maroon!". >> -----Original Message----- >> From: sqlite-users [mailto:sqlite-users- >> boun...@mailinglists.sqlite.org] On Behalf Of Simon Slavin >> Sent: Thursday, 30 November, 2017 07:16 >> To: SQLite mailing list >> Subject: [sqlite] Article on AUTOINC vs. UUIDs >> >> Thought some of you might enjoy seeing this article. I make no >> comment on what I think of the reasoning therein. It’s set in the >> PostgreSQL world, but you could make an external function for SQLite >> which generates UUIDs. >> >> <https://www.clever-cloud.com/blog/engineering/2015/05/20/why-auto- >> increment-is-a-terrible-idea/> >> >> "Today, I'll talk about why we stopped using serial integers for our >> primary keys, and why we're now extensively using Universally Unique >> IDs (or UUIDs) almost everywhere." >> >> Simon. >> _______________________________________________ >> sqlite-users mailing list >> sqlite-users@mailinglists.sqlite.org >> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users > > > > _______________________________________________ > sqlite-users mailing list > sqlite-users@mailinglists.sqlite.org > http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
