lu...@webconnex.com wrote:
> It would still be trivial to brute force, yes.. Having it start with 0
> every time you restart the server isn't exactly desired either though,
> especially if you restart multiple servers you end up with the counters
> being closer together than they would be if they started out with a
> random value.
But that doesn't matter, so long as they do not end up the same...after
all, it's a value that is supposed to be guaranteed unique, and should
never have any security application.
Brute-forcing shouldn't matter. You shouldn't be using OIDs in such a
way that brute-force guessing of the OID will lead to a security problem
for you.
--Jeff