Re: Using PK value as a String

["H. Hall" <hhall1001@xxxxxxxxxxxxxx>]

Bill Moran wrote:
> In response to Steve Atkins <steve@xxxxxxxxxxx>:
>
>   
> > On Aug 12, 2008, at 8:21 AM, Bill Moran wrote:
> >
> >     
> > > In response to Moritz Onken <onken@xxxxxxxxxxxxxxxx>:
> > >
> > >       
> > > > Am 12.08.2008 um 17:04 schrieb Bill Moran:
> > > >
> > > >         
> > > > > In response to Moritz Onken <onken@xxxxxxxxxxxxxxxx>:
> > > > >
> > > > >           
> > > > > > We chose UUID as PK because there is still some information in an
> > > > > > integer key.
> > > > > > You can see if a user has registered before someone else  
> > > > > > (user1.id <
> > > > > > user2.id)
> > > > > > or you can see how many new users registered in a specific period  
> > > > > > of
> > > > > > time
> > > > > > (compare the id of the newest user to the id a week ago). This is
> > > > > > information
> > > > > > which is in some cases critical.
> > > > > >             
> > > > > So you're accidentally storing critical information in magic values
> > > > > instead of storing it explicitly?
> > > > >
> > > > > Good luck with that.
> > > > >           
> > > > How do I store critical information? I was just saying that it easy
> > > > to get some information out of a primary key which is an incrementing
> > > > integer. And it makes sense, in some rare cases, to have a PK which
> > > > is some kind of random like UUIDs where you cannot guess the next  
> > > > value.
> > > >         
Interesting. Ordered chronologically and the next value is unguessable.

> > > I just repeated your words.  Read above "this is information which  
> > > is in
> > > some cases critical."
> > >
> > > If I misunderstood, then I misunderstood.
> > >
> > >       
> > I think Moritz is more concerned about leakage of critical information,
> > rather than intentional storage of it. When a simple incrementing  
> > integer
> > is used as an identifier in publicly visible places (webapps, ticketing
> > systems) then that may leak more information than intended.
> >     

I think there are better ways to accomplish this than encoding and 
decoding/decrypting a PK. Store the sensitive data in a session variable 
or store session data in the database neither of which is accessible to 
users.

It is usually a big mistake to de-normalize a table by encoding several 
fields in a single column PK or not.  If you want to do something with 
the encoded data such as find one or more rows with an encoded value 
then  you will have to inspect every row and decode it and then compare 
it or add it or whatever.


> Then I did misunderstand.
>
>   


--
H. Hall
ReedyRiver Group LLC
http://www.reedyriver.com