Author gvanrossum
Recipients Arach, Arfrever, Huzaifa.Sidhpurwala, Jim.Jewett, Mark.Shannon, PaulMcMillan, Zhiping.Deng, alex, barry, benjamin.peterson, christian.heimes, dmalcolm, eric.snow, fx5, georg.brandl, grahamd, gregory.p.smith, gvanrossum, gz, haypo, jcea, lemburg, mark.dickinson, merwok, neologix, pitrou, skrah, terry.reedy, tim.peters, v+python, zbysz
Date 2012-01-19.00:46:43
SpamBayes Score 9.67386e-05
Marked as misclassified No
Message-id <CAP7+vJ+qyQSvnTsG3a5b-83s+iO=E-uYPuz4yg7nCf+8YF4qQg@mail.gmail.com>
In-reply-to <1326930263.3395.79.camel@localhost.localdomain>
Content
On Wed, Jan 18, 2012 at 3:46 PM, Antoine Pitrou <report@bugs.python.org>wrote:

>
> Antoine Pitrou <pitrou@free.fr> added the comment:
>
> > > As much as the counting idea rubs me wrong,
> >
> > FWIW, the original 2003 paper reported that the url-caching system that
> > they tested used collision-counting to evade attacks.
>
> I think that was DJB's DNS server/cache actually.
> But deciding to limit collisions in a specific application is not the
> same as limiting them in the general case. Python dicts have a lot of
> use cases that are not limited to storing URL parameters, domain names
> or instance attributes: there is a greater risk of meeting pathological
> cases with legitimate keys.
>

Really? This sounds like FUD to me.
History
Date User Action Args
2012-01-19 00:46:44gvanrossumsetrecipients: + gvanrossum, lemburg, tim.peters, barry, georg.brandl, terry.reedy, gregory.p.smith, jcea, mark.dickinson, pitrou, haypo, christian.heimes, benjamin.peterson, merwok, grahamd, Arfrever, v+python, alex, zbysz, skrah, dmalcolm, gz, neologix, Arach, Mark.Shannon, eric.snow, Zhiping.Deng, Huzaifa.Sidhpurwala, Jim.Jewett, PaulMcMillan, fx5
2012-01-19 00:46:44gvanrossumlinkissue13703 messages
2012-01-19 00:46:43gvanrossumcreate