On Monday, January 7, 2019 4:32:04 PM EST Lennart Poettering wrote: > On Mo, 07.01.19 16:04, John Harris (johnmh@xxxxxxxxxxxxx) wrote: > > > > On Monday, January 7, 2019 3:18:10 PM EST Lennart Poettering wrote: > > > > > hence my recommendation to derive the any uuid for purposes like this > > > from /etc/machine-id, by using a HMAC of some kind (see other mail). > > > > > > > > I really don't think that this should be derived in any way from a machine > > id, > > if it really is meant to be used for counting users, rather than > > tracking. > > Please read up on what I wrote above, and what an HMAC does. Deriving > some identifier from the machine ID doesn't mean you leak the machine > ID, but it means resetting the machine ID will also reset that > identifier, which is a useful property in this case. > > Lennart > > -- > Lennart Poettering, Red Hat My suggestion was not because of some fear that the machine ID would be leaked, but rather my personal opinion that this UUID should not be derived in any way from the machine ID. We need to first decide whether or not we want containers and other declarative environments to be considered separate machines. -- John M. Harris, Jr. <johnmh@xxxxxxxxxxxxx> Splentity https://splentity.com/
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
