David Carter wrote:
On Fri, 7 Sep 2007, Bron Gondwana wrote:
If we go with a 'uuid_mode' option, my inclination is default it to
'none' or 'off', so standalone servers aren't wasting CPU by doing
SHA1 (or else we couple check for 'sync_host' && 'uuid_mode' before
doing SHA1).
I'd be inclined to make them two separate choices, because sha1 in the
index is still very valuable for integrity checks and potentially
duplicate finding (post dated "single instance store" even!)
Agreed.
Do we want to to rename the UUID field (CHECKSUM? SHA1?) as part of the
work? The original name is rather accidental, and there is obvious
potential for confusion with UIDs.
That's a good point. The fact that we are leveraging the SHA1 hash as
the UUID is coincidental. I vote for 'checksum', since the algorithm
that we use *might* change in the future.
On another note, we can't include LGPL SHA1 code in our distro. I have
two alternatives:
1. Use the SHA1 implementation in OpenSSL. This makes replication
dependent on OpenSSL, but I've already done this with the IMAP URLAUTH
extension, and I would assume that most sites compile with OpenSSL anyways.
2. Use the free SHA1 reference code in RFC 3174.
Jeff (my CMU colleague) votes for using OpenSSL, and I'm inclined to agree.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
