by devnull3 267 days ago
Why not use a different encryption key per session and stamp encrypted ids (or whatever info) to the outside world?

This way the DBs can use simple sequence numbers instead of timestamp-based IDs.

1 comment

You have to know what key to use to decrypt the timestamp bits of the token. If you change keys regularly you have the problem of keeping lots of keys, as well as somehow determining the right key
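
The exchange above, as an added example that is not code from either commenter: database sequence numbers are encrypted under a per-session key before leaving the server, and decrypting them depends on picking the right session's key. The 4-round Feistel permutation built on HMAC-SHA256, the function names, the session names and the sample ID are all assumptions made for illustration; a real system would use a vetted block cipher or format-preserving encryption mode.

```python
import hashlib
import hmac
import secrets

MASK32 = 0xFFFFFFFF

def _round(key: bytes, rnd: int, half: int) -> int:
    # Round function: HMAC-SHA256 over (round number, 32-bit half), cut to 32 bits.
    msg = bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:4], "big")

def encrypt_id(key: bytes, seq_id: int) -> int:
    """Permute a 64-bit sequence number into a 64-bit external ID."""
    if not 0 <= seq_id < 1 << 64:
        raise ValueError("seq_id must fit in 64 bits")
    left, right = seq_id >> 32, seq_id & MASK32
    for rnd in range(4):
        left, right = right, left ^ _round(key, rnd, right)
    return (left << 32) | right

def decrypt_id(key: bytes, ext_id: int) -> int:
    """Invert encrypt_id. No integrity check: any key yields *some* number."""
    if not 0 <= ext_id < 1 << 64:
        raise ValueError("ext_id must fit in 64 bits")
    left, right = ext_id >> 32, ext_id & MASK32
    for rnd in reversed(range(4)):
        left, right = right ^ _round(key, rnd, left), left
    return (left << 32) | right

def demo() -> dict:
    # Constructed sample: two sessions with their own random keys, one DB row.
    keys = {name: secrets.token_bytes(32) for name in ("session-A", "session-B")}
    seq_id = 1042
    ext_a = encrypt_id(keys["session-A"], seq_id)
    ext_b = encrypt_id(keys["session-B"], seq_id)
    return {
        "seq_id": seq_id,
        "ext_a": ext_a,  # what session A sees
        "ext_b": ext_b,  # what session B sees for the same row
        "right_key": decrypt_id(keys["session-A"], ext_a),
        "wrong_key": decrypt_id(keys["session-B"], ext_a),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>9}: {value}")
```

Decrypting under the wrong session's key does not fail; it returns a different number, so the server has to track which session issued an ID before it can trust the result.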