[Freedombox-discuss] secure UUIDs

Jonas Smedegaard dr at jones.dk
Sat Jul 20 22:53:57 UTC 2013


Hi Tim,

Quoting Tim Retout (2013-07-21 00:01:55)
> On 20 Jul 2013 19:38, "Jonas Smedegaard" <[1]dr at jones.dk> wrote:
>> Perl module [Data::UUID::MT] includes in its documentation a 
>> comparison between Perl-based UUID generators, including weak uses of 
>> random data and details like "For libuuid based modules, Version 1 
>> UUIDs will include the actual MAC address, if available".

> I'm sure you know this, but in case someone else doesn't: the 
> Data::UUID provided by Debian is actually libossd-uuid-perl for 
> licensing reasons.  So when those docs refer to Data::UUID, they are 
> talking about the module from CPAN, not from Debian.
> 
> Also, I recall Debian carries at least one patch to bring the OSSD 
> implementation into line with the "real" Data::UUID, but this 
> shouldn't affect MAC addresses.

Yes, I am aware of that detail - quite aware actually, in the sense that 
I have spent the last few days investigating that exact issue:
http://bugs.debian.org/717430

...and packaging Data::UUID: 
https://ftp-master.debian.org/new/libdata-uuid-perl_1.219-1.html

...which was what lead me to the documentation that I posted here :-)

Thanks anyway for mentioning it.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20130721/8783cb55/attachment.sig>


More information about the Freedombox-discuss mailing list