On 12 November 2016 at 13:14, Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> wrote: > On Sat, Nov 12, 2016 at 11:17:39AM -0500, Stephen John Smoogen wrote: >> On 11 November 2016 at 22:20, Zbigniew Jędrzejewski-Szmek >> <zbyszek@xxxxxxxxx> wrote: >> > On Fri, Nov 11, 2016 at 01:20:26PM -0500, Stephen Gallagher wrote: >> >> >> I can't think of a reason why we'd need a cryptographically secure >> >> transformation just to generate a random hostname. >> > >> > We want it cryptographically secure to preserve the machine-id. It's >> > probably not too important in itself, but it's a good idea to keep >> > it hidden because other hashes might be generated from it. >> >> Which lies in the problem. If people are going to derive hashes from >> it they will do so any way the want and most likely it will be leaked >> out by someone doing a sum or just copying it etc. If there is >> something 'unique' on a system, it will leak out eventually. All you >> can do is try to design to drip out slowly or pour out all at once. >> Trying to find some happy middle ground ends up usually with it >> pouring out all at once when no one expected it. > > True. But one, it's not *that* important, it's not the root password > or anything. But two, it'd say that we're designing it to drip out very > very slowly. Until someone decides that deriving the root password from the machine-id is a good idea. In the end, I have said my piece.. you guys have fun. > Zbyszek > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx -- Stephen J Smoogen. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
