[wsf-dev] 160 bit message id

Greg Whitehead greg.whitehead at hp.com
Mon Apr 30 21:27:03 EDT 2007 

I would suggest that you use the random UUID format and the cryptographic
PRNG.

-Greg


On 4/30/07 8:25 PM, "Asa Hardcastle" <asa.openliberty at zenn.net> wrote:

> Unfortunately, java can't get to the MAC address.  
> 
> According to wikipedia (which I realize can't be trusted) on random 128 bit
> UUIDs:
> 
> "The number of theoretically possible UUIDs is therefore 2(128) = 256(16) or
> about 3.4 × 10(38).  This means that 1 trillion UUIDs have to be created every
> nanosecond for 10 billion years to exhaust the number of UUIDs."
> 
> My understanding from the specification:
> 
> * must ensure a negligible risk of collision (as Conor has said)
> * if pseudorandom, must use at least 160 random bits
> * according to WSAv1,  wsa:MessageId must be an IRI
> - like "http://example.com/someuniquestring"
> 
> Which leaves me with: "http://someurl.com/160bitsofrandomfun" - which should
> be extremely unlikely to collide - seems like the  "http://someurl.com/" is
> somewhat unnecessary - and potentially a privacy concern.
> 
> asa
> 
> 
> 
> 
>  
> 
> --
> Asa Hardcastle, Technical Lead, openLiberty
> Tel: +1.413.429.1044 Skype: subsystem7
> 
>  
> 
> On Apr 30, 2007, at 4:51 PM, Cahill, Conor P wrote:
> 
>>   
>> There's an interesting history in the discussion of the message ID value. 
>>  
>>  
>>  
>> The current requirement (lines 557-559 of the SOAP Bindings specification)
>> is:
>>  
>>>   
>>>   
>>> 
>>> Any party that assigns a value to a <wsa:MessageID> header block MUST ensure
>>> that   there is negligible probability that   that party or any other party
>>> will accidentally assign the same   identifier to any other   message
>>  
>> This is not a 160 or 128 bit requirement.
>>  
>>  
>>  
>> I would presume that a 128 bit UUID that included the 48 bits of mac address
>> of the issuing host would meet that requirement.
>>  
>>  
>>  
>> Conor
>> 
>>  
>>>   
>>>   
>>> 
>>>   From: wsf-dev-bounces at openliberty.org
>>> [mailto:wsf-dev-bounces at openliberty.org] On Behalf Of Asa   Hardcastle
>>> Sent: Monday, April 30, 2007 4:36 PM
>>> To:   wsf-dev at openliberty.org
>>> Subject: [wsf-dev] 160 bit message   id
>>> 
>>>   
>>> Hi All,  
>>> 
>>>   
>>> Does anyone know the origin of the 160 bit message id requirement in the
>>> <wsa:MessageID> header?  Before I read that line I was thinking of   using a
>>> 128 bit UUID.
>>>   
>>> 
>>>   
>>> thanks,
>>>   
>>> 
>>>   
>>> asa
>>> 
>>> 
>>>   
>>> 
>>>   
>>> 
>>>   
>>> --
>>>   
>>> Asa Hardcastle, Technical Lead, openLiberty
>>>   
>>> Tel: +1.413.429.1044 Skype: subsystem7
>>> 
>>> 
> 
> 
> 
> _______________________________________________
> wsf-dev mailing list
> wsf-dev at openliberty.org
> http://lists.openliberty.org/mailman/listinfo/wsf-dev


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openliberty.org/pipermail/wsf-dev/attachments/20070430/14e5ba3e/attachment.html

More information about the wsf-dev mailing list