On Tue, Apr 21, 2020 at 10:54:25PM +0200, Vincent Lefevre wrote:
> On 2020-04-20 19:57:23 +0200, Gero Treuner wrote:
> > This is necessary to stay on the deterministic track: For this we
> > require that different Mutt instances use information which differs by
> > the pid and time/sequence number at some point, which is the data fed to
> > the hash algorithm.
> 
> OK, that would be sufficient. But there is no need to be deterministic.

After all the discussion I'm almost convinced that this idea should be
abandoned. Starting with the current MessageId generation it was still
appealing to have uniqueness by design, but it turned out to be more of
an illusion.

> > If we don't want to be deterministic, then I don't see a major advantage
> > of hash functions compared to random data.
> 
> In this case you need to make sure that such random data cannot be
> guessed. This may be difficult without using entropy. Using entropy
> each time Mutt is started would not be a good idea, in case a system
> would run Mutt several times a second to send mail (e.g. personalized
> mail to its users).

With "random data" I meant all which pretends to deliver "random",
without fixed choice.

Cheating at GnuTLS they use /dev/urandom nowadays, which economically
uses real entropy.

I found this interesting article right now telling about pains and
portability:
https://nikmav.blogspot.com/2017/03/improving-by-simplifying-gnutls-prng.html


Gero
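
Added example, not part of the original message and not Mutt's or GnuTLS's code: a C function that builds a Message-ID left part from /dev/urandom on each call, the non-deterministic alternative discussed above. The function names, the 18-byte size, the base64url alphabet and the host "example.org" are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Fill buf with len bytes from /dev/urandom, retrying on EINTR and
 * short reads. Returns 0 on success, -1 on any failure. */
static int urandom_bytes(unsigned char *buf, size_t len)
{
    size_t got = 0;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) { close(fd); return -1; }
        got += (size_t)n;
    }
    close(fd);
    return 0;
}

/* Write "<" + 24 base64url chars + "@" + host + ">" into out.
 * 18 random bytes (144 bits) encode to exactly 24 chars, no padding.
 * Fails closed: no fallback to pid/time if the random source fails. */
int make_message_id(char *out, size_t outlen, const char *host)
{
    static const char b64[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
    unsigned char rnd[18];
    char left[25];
    if (urandom_bytes(rnd, sizeof rnd) != 0) return -1;
    for (size_t i = 0, j = 0; i < sizeof rnd; i += 3) {
        uint32_t v = (uint32_t)rnd[i] << 16 | (uint32_t)rnd[i + 1] << 8 | rnd[i + 2];
        left[j++] = b64[(v >> 18) & 63]; left[j++] = b64[(v >> 12) & 63];
        left[j++] = b64[(v >> 6) & 63];  left[j++] = b64[v & 63];
    }
    left[24] = '\0';
    int n = snprintf(out, outlen, "<%s@%s>", left, host);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char id[128];
    if (make_message_id(id, sizeof id, "example.org") == 0) puts(id);
    return 0;
}
```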
