• How many of my databases have used GUIDs? A couple that I inherited did but they don't now, so none. Do I look at what my databases need to do and seriously consider the use of GUIDs? Yes. Do I believe there are situations where GUIDs are needed: yes: I used to work on distributed systems and on systems that co-operated with eachother over networks in the days when there was no internet, and cooperative systems need something like GUIDs: there were several ideas sculling around the academic and industrial communities back then, but no standardisation efforts because no-one exected a really universal network to happen any time soon, but some of the things that were being talked about wouldn't look too strange to someone familiar with UUIDs.

    It's really quite simple: UUIDs (or GUIDs) are pretty well essential for some things if we want genuine universality, and even if we merely want universality within a fairly large network we need pretty much the same thing. On the other hand, most database applications that I've actually seen don't need them. So the only sane thing to do is to look at each case and decide whether UUIDs or something else are the right tool for the job - and I expect that the number of cases where they are the right tool is on the increase. Anyone who believes they are always wrong is a fool, and so is eveyone who believes they are always right.

    Are there enough? I doubt it. I suspect that in two or three decades we will have enough of them to be hit by ocassional collisions unless we increase the length. And if we want a standard that will last "for ever" we need to encode the length in a form that unambiguosly determines its own length as well as the length of the UUID containing this length indicator.

    It would be nice to have something that would not be just probability based to enable us to have guaranteed uniqueness without compromising security. I don't know a way of doing that that doesn't have either a central trusted entity or a central authority for issue - it looks like an interesting cryptological problem, but for all I know it's already been proved impossible (and the people who are likely to know probably aren't going to tell us as they are all in Fort George G Meade, or Malvern, or Tel Aviv - or maybe Moscow or Beijing).

    Tom