[Melbourne-pm] Data::Token
Scott Penrose
scottp at dd.com.au
Wed May 28 17:17:06 PDT 2008
Hey Guys
Do you find you have to create unique and secure tokens? I keep
finding that. The conflict we face is that unique tokens are easy with
Data::UUID but they are predictable and therefore no good for
authentication or other secure tokens. So the usual practice is to add
a secret and take an MD5 of that number. The down side of that is they
are no longer guaranteed unique (although my understanding of MD5 is
that the closer the original string the further away the MD5).
Anyway, the point is the algorithm you use tends to be simple, but
often repeated, and may change as one learns issues (such as what to
use as a secret seed, or better alternatives to MD5 etc).
So I have created Data::Token, which you can run like this:
perl -MData::Token -e 'print token, qq{\n}'
Could you guys have a review of the module and give me some feedback
before I stick it on CPAN.
Ta
Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Data-Token-0.0.3.tar.gz
Type: application/x-gzip
Size: 3488 bytes
Desc: not available
Url : http://mail.pm.org/pipermail/melbourne-pm/attachments/20080529/d8abf9c7/attachment.gz
-------------- next part --------------
More information about the Melbourne-pm
mailing list