lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

On 2018-02-01 08:30 PM, Paige DePol wrote:
Sean Conner <> wrote:

It was thus said that the Great Paige DePol once stated:
Actually, if anything, you would almost need to create some
sort of central registry to manage the UUIDs used by people
and organisations and to map UUIDs to some logical names.
  Not really.  The generally used format for UUID is version 4 [1] is
randomly generated, and it's considered unlikely that randomly generated
UUIDs will clash (it's possible, but very unlikely).  And most modern Unix
systems (at least Linux and Mac OS-X, both of which I tested) come with a
command (uuidgen) that generates UUIDs.

  There are other versions as well---version 1 (not generally recommended
because of security concerns [2]) is well guarenteed to be unique since it's
based off the time of generation, and versions 3 and 5 use various hash
algorithms to generate UUIDs.

  This really depends upon a organization (or person) consistently using the
same UUID for each module released.


[1]	RFC-4122

[2]	It embeds the MAC address of the generating node inside the UUID.
After doing some reading I can see that there are both completely random
UUIDs, as well as ones that are generated from namespaces. It was more the
namespace ones I was thinking about, vs the totally random 128-bit ones.

My point about a registry was that if everyone was using UUIDs then we might
want some sort of registry so we'd know which UUID namespaces belonged to
which person or company.

I guess I just fail to see how using UUIDs instead of easy to read domain
style identifiers would make things any easier or useful is all.

This is code we're talking about. I don't think code should rely on a centralized service like DNS. Code should be decentralized.

Just make a random UUID, publish it somewhere, perhaps with a notation "lua-package:UUID", and have it indexed by search engines. This also doesn't depend on DNS and the code/UUID could be hosted on e.g. a Tor hidden service (which would make it a bit tricky to look up, but at least it wouldn't be centralized).


Disclaimer: these emails may be made public at any given time, with or without reason. If you don't agree with this, DO NOT REPLY.