On Fri, Apr 17, 2020 at 07:14:02PM -0700, Kevin wrote in
<20200418021402.gg2...@afu.lan>:
On Fri, Apr 17, 2020 at 07:59:01PM -0500, Derek Martin wrote:
This is utterly pointless. This may come off as harsh but please
understand that's not intended. I just want to be completely clear
hee so there is no misunderstanding or equivocation.
I would also note that the current message id generation algorithm is
deterministic. It's easy to understand how it generates, and to know
the exact limitations where it might fail. Swapping out those bits of
uniqueness with a random() call takes away the determinism.
The tiny (in my opinion too) information leaks, are not worth that
trade-off.
I think having the message ID being non deterministic would be of greater
value. The more deterministic it is, the easier it would be for someone to
create a clash. I can't think of an example why someone would want to do
that, but I also can't really think of an example where a (fully)
deterministic Message-ID would be of value.
In my opinion my patch reduces the complexity of the code, albeit in a
neglectable way, and also addresses the concerns about information being
leaked even when these concerns might be considered tiny or pointless by
you/Derek/some/most. The random() function is already seeded in s_init.c
anyways.
Kind regards,
Remco Rijnders (*over and out*)
