go.uuid icon indicating copy to clipboard operation
go.uuid copied to clipboard
verified publisher icon satori

Origin validation

Open juliandroid opened this issue 8 years ago • 2 comments

This my seem odd feature request, but I was wandering about a use case that might be interesting to discuss.

Let's assume I have 100 devices with their own MAC addresses and let's assume that these devices generates their own UUIDs as part of the whole data.

At some point in time those devices send a request to the mother ship (cloud) with the newly generated UUIDs. For example, let's assume that each of those devices generate a small, sub graph, where those UUIDs are important part of the data inside.

Now, when you want to merge the data on the mother ship you'll have to validate that those UUIDs are really generated correctly, by using their own MAC addresses. A possible con might be one device to pretend to be another. Also, if you use timestamp as part of the UUID, you might want to verify that the UUID is generated by using a timestamp (or time interval between X and Y).

Since the package generates the UUIDs it would be a good question is it possible to be performed a symmetric check that validates the UUID by MAC and/or timestamp?

In my example, if I find on the cloud that the UUIDs are not generated with correct MAC or timestamp, I might decide to regenerate the UUIDs to assure data consistency. To generate one on the cloud I have to pass MAC and/or timestamp.

In this particular case I guess there will be needed a change in the constructors to accept MAC and timestamp as arguments (instead of unconditionally search for a network interface with setup MAC address and/or use current timestamp).

juliandroid avatar Jan 24 '17 23:01 juliandroid

Do you still have a need for this feature?

Would most of your needs be filled if you could easily extract the MAC address and time.Time value out of the timestamp, so that you could compare them?

I'm admittedly hesitant to easily allow the injection of a different MAC address or timestamp.

theckman avatar Jul 23 '18 03:07 theckman

Currently my need is postponed for later time (cloud implementation), but from consistency point of view seems like a good idea. However this is not part of the original RFC.. Also it seems most of my colleagues are using google/uuid anyway.

dvlempljl avatar Jul 23 '18 09:07 dvlempljl