Re: How does http_find_header() work?

From: Roy Smith <roy#s7labs.com>
Date: Fri, 1 Apr 2011 09:05:59 -0400

On Apr 1, 2011, at 2:11 AM, Willy Tarreau wrote:

> On Thu, Mar 31, 2011 at 08:10:04AM -0400, Roy Smith wrote:

>> I didn't really write a specification, but I think a critical part of the spec
>> would be that the only guarantee about the id string is that it's unique

>
> It's unique within a delimited perimeter.

Well, yes, but that's a general problem which is difficult to solve. There's really only two ways to generate unique identifiers. One is to use some probabilistic algorithm with a large enough entropy that the chances of a collision are very low. Uuid, and crypto hashes of various flavors are all examples of this approach.

The other is to have some globally administered namespace. Examples would be global IPv6 addresses (and IPv4, before evil things like NAT came along!), telephone numbers, and the like. Even so, those are only useful for cooperating parties, not

> providing proofs in case of litigation

since they can be spoofed by evil-doers.

I understand that other people may have other uses for this capability, which would imply additional requirements. I'm fine with switching to a different way of generating the unique ids. My concerns are three:

  1. Efficiency. Computing a UUID on every request, for example, would probably be prohibitively expensive.
  2. Portability. I only have a very limited number of systems available to me at the moment (Ubuntu and OSX). As things get more complex (i.e. involving crypto), they also get less portable, and I have no way to test my code on other systems.
  3. My time. I have a limited amount of time I can devote to this activity. I'm certainly willing to invest more time than I have if I can make this more useful to a wider audience. We find haproxy a useful tool in our business and giving back something to the community is an obligation I take seriously. On the other hand, I don't want to get dragged down a rat-hole implementing every conceivable bell and whistle.

So, with the above three points in mind, what's a reasonable path to continue this and get it to a point where it's worth including in the core distribution? 

--
Roy Smith
roy.smith#s7labs.com
Received on 2011/04/01 15:05

This archive was generated by hypermail 2.2.0 : 2011/04/01 15:15 CEST