On 6 Jan 2011, at 17:51, Chris Browne wrote:

> wmo...@potentialtech.com (Bill Moran) writes:
> If your system is sufficiently negligently designed that this particular
> conflict causes it to kill people, then I wouldn't be too inclined to
> point at this issue with UUIDs being the Real Problem with the system.
> 
> This is NOT the only risk that the system faces; you can't get *nearly*
> as low probabilities attached to hardware and network issues such as:
> - Disks failing
> - Cosmic rays twiddling bits in memory
> - Network connections failing part way through the work
> - Dumb techs blindly cloning the same "host key" onto every one of the
>   EMTs' data collection devices


Let's say that you actually build a mission critical system for which you'd 
need to evacuate the country if it fails. You pick the best ECC RAM you can 
find, the most reliable type of disk storage available, your fallback network 
has a fallback network of its own, etc. Basically you have done everything you 
could to ensure that the chances of the system failing are as small as 
technically possible.

All those little failure chances add up to a certain number. Using UUIDs for 
your IDs is not required for the design of the system, yet you chose to do so. 
You added a nearly infinite chance of UUID collisions to the accumulated chance 
of the system failing.

Now the system miraculously fails and the country needs evacuating. A committee 
is going to investigate why it failed. If the dumb techy above is responsible, 
they just found themselves a scapegoat. If they didn't, but stumbled upon your 
unnecessary usage of UUIDs instead... Let's just say I don't want to be that 
person.

I have to agree with Bill here: if lives depend on your system then anything 
that adds to the failure chances is very hard to defend. In the end it often 
boils down to responsibility in case of failure, not to mention what it does to 
your own peace of mind.

Alban Hertroys

--
If you can't see the forest for the trees,
cut the trees and you'll see there is no forest.


-- 
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general