UUIDs?
Axel,
Have you ever seen this? www.broofa.com/2008/09/javascript-uuid-function
I've been using this for several years
While I agree with you on their usefulness, I don't think this will fly, at least for the browser. This would allow fingerprinting users which is considered a very bad thing (makes tracking without cookies possible), and is very much avoided in all browser APIs, especially a problem with APIs that expose information about the underlying system.
(~~(Math.random() * 1e9)).toString(36) + Date.now();
Wrong list, sorry about that :)
What does time or position have to do with uniqueness? Why not velocity, spin and charm? Seriously, given a good source of entropy, a large enough random number is globally unique.
Math.random() is not a good source of entropy, but crypto.getRandomValues is. See wiki.whatwg.org/wiki/Crypto.
Random number in big enough range could replace uuid in most cases. But it's still not truely unique.
In specified time and specified position(specified device), you can make sure there is only one uuid generated.
BTW, we are using crypto.getRandomValues in our project, it works well until now. But I think it would be better if we have native uuid in JS.
2012/3/23 Mark S. Miller <erights at google.com>:
On Thu, Mar 22, 2012 at 10:20 AM, 程劭非 <csf178 at gmail.com> wrote:
Random number in big enough range could replace uuid in most cases. But it's still not truely unique.
In specified time and specified position(specified device), you can make sure there is only one uuid generated.
How do you make sure? How do you uniquely identify a device? How do you make sure that no two devices have the same identity? How do you know where you are and what time it is? All these have engineering answers that are good enough for most purposes. All those answers are less reliable than simply adding more bits to your random number -- if you are confident you have a good enough source of entropy.
This is not the right list to debate this matter.
I agree, UUID's are becoming increasingly more useful for applications as apps need quick and unique identifiers to send back and form relationships between data.
On Thursday, March 22, 2012, 程劭非 <csf178 at gmail.com> wrote:
Random number in big enough range could replace uuid in most cases. But it's still not truely unique.
In specified time and specified position(specified device), you can make sure there is only one uuid generated.
BTW, we are using crypto.getRandomValues in our project, it works well until now. But I think it would be better if we have native uuid in JS.
2012/3/23 Mark S. Miller <erights at google.com>:
What does time or position have to do with uniqueness? Why not velocity, spin and charm? Seriously, given a good source of entropy, a large enough random number is globally unique.
Math.random() is not a good source of entropy, but crypto.getRandomValues is. See wiki.whatwg.org/wiki/Crypto.
On Thu, Mar 22, 2012 at 3:30 AM, 程劭非 <csf178 at gmail.com> wrote:
UUID is not only a random Number or String. It has to contain time and position to make itself unique in the world.
It looks Math.random is related to time. We have no way to involve position information to JS currently.
2012/3/16 Nuno Job <nunojobpinto at gmail.com>:
Wrong list, sorry about that :)
On Thu, Mar 15, 2012 at 4:34 PM, Nuno Job <nunojobpinto at gmail.com> wrote:
(~~(Math.random() * 1e9)).toString(36) + Date.now();
On Thu, Mar 15, 2012 at 4:33 PM, Rick Waldron <waldron.rick at gmail.com
wrote:
Axel,
Have you ever seen this? www.broofa.com/2008/09/javascript-uuid-function
I've been using this for several years
Rick
On Thu, Mar 1, 2012 at 5:45 PM, Axel Rauschmayer <axel at rauschma.de> wrote:
UUIDs are useful for many tasks. One cannot create good ones in JavaScript without browsers exposing more of the underlying
platform.
2012/3/22 Mark S. Miller <erights at google.com>
On Thu, Mar 22, 2012 at 10:20 AM, 程劭非 <csf178 at gmail.com> wrote:
Random number in big enough range could replace uuid in most cases. But it's still not truely unique.
In specified time and specified position(specified device), you can make sure there is only one uuid generated.
How do you make sure? How do you uniquely identify a device? How do you make sure that no two devices have the same identity? How do you know where you are and what time it is? All these have engineering answers that are good enough for most purposes. All those answers are less reliable than simply adding more bits to your random number -- if you are confident you have a good enough source of entropy.
Yeah, and UUIDs, as unique as they are, aren't usually just magically that unique, for example v3 and v5 are pretty much just using a random number to generate the UUIDs. [1] I personally think UUIDs are a somewhat broken idea anyway. They are useful, but they have the same problem as random numbers. How can you tell if it's unique? Or is this random: 1 1 1? You can throw that with dice, it isn't even improbable and it has way more entropy a computer program can access.
And like I said earlier, you really don't want the browser to be able to uniquely identify a device. That's pretty much breaking every effort for anti-tracking out there.
This is not the right list to debate this matter.
Agreed. This belongs more to the APIs of the host environment.
UUIDs are useful for many tasks. One cannot create good ones in JavaScript without browsers exposing more of the underlying platform. Would it make sense to add UUID generation to ECMAScript.next? Or is that something for a browser API?
Axel