On Sat, Apr 18, 2020 at 06:14:58PM +0200, ilf wrote: > IMHO all the arguments also apply here. IMHO we should chose a form of > Message-ID that (a) does not include unneccessary system information and (b) > matches that of other MUAs. Maybe we should follow these "Recommendations > for generating Message IDs"? > https://tools.ietf.org/html/draft-ietf-usefor-message-id-01
Using a standard method for generating IDs is one I would support in
general, as I believe in standards conformance in absentia of a good
reason not to conform. Gowever in this case, it appears the
referenced document never made it past draft status. It could be
because the document itself describes its own flaw, which is the same
flaw I have just explained in another message that the one being
discussed here has:
3.2.2. Using a psuedorandom number generator
One could take 64 bits from a good, well-seeded pseudorandom number
generator [PRNG] in order to significantly increase the uniqueness of
the Message-ID. The advantage of this method is that it is fast and
generally effective. The disadvantage is that in a perfect random
number generation scheme, the possibility of getting the same number
twice in a row is exactly the same probability as getting any two
numbers.
In other words, this scheme does not guarantee uniqueness, and is
therefore broken.
--
Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in
undeliverable mail due to spam prevention. Sorry for the inconvenience.
signature.asc
Description: PGP signature
