ikiwiki-hosting-common 0.20170622ubuntu1 / usr / share / doc / ikiwiki-hosting-common / design / username.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>username</title>
<meta name="viewport" content="width=device-width, initial-scale=1" />

<link rel="stylesheet" href="../style.css" type="text/css" />

<link rel="stylesheet" href="../local.css" type="text/css" />










</head>
<body>

<div class="page">

<div class="pageheader">
<div class="header">
<span>
<span class="parentlinks">

<a href="../index.html">ikiwiki hosting internals</a>/ 

<a href="../design.html">design</a>/ 

</span>
<span class="title">
username

</span>
</span>



</div>









</div>





<div id="pagebody">

<div id="content" role="main">
<p>Site subdomains are mapped to unique unix usernames.</p>

<p>Subdomain limits:</p>

<ul>
<li>253 characters total (including top level domain)</li>
<li>a-zA-Z0-9-</li>
</ul>


<p>Unix username limits:</p>

<ul>
<li>32 characters limit (some things support longer, but not everything)</li>
<li>recommended to match: [a-z<em>][a-z0-9</em>-]*</li>
<li>may be user-visible (ie, for ssh)</li>
</ul>


<h2>format for short subdomains</h2>

<p>This format will be used most of the time, and it makes it easy to see
what hostname a process is running for, etc.</p>

<p>First 2 chars: Avoid conflict with system usernames, and briefly indicate
top-level domain name. "b-"</p>

<p>Remaining 30 chars: subdomain, if it is short enough</p>

<h2>format with hash for longer subdomains</h2>

<p>Any hash has potential for collisions. The chances of such a collision
occuring in relatively short, limited DNS subdomains are quite rare, and in
the unlikely case of one happening, the system should just print an error
and the user can pick a different subdomain. This means that the system has
to explicitly check for a hash collision at site creation time.</p>

<p>I think it follows that we do not have to choose a hash that is
crytographically strong.</p>

<p>md5_base64, with + replaced by _, and / by -</p>

<ul>
<li>22 characters</li>
<li>could spell a rude word, if unlucky</li>
<li>other 10 characters could be "b5-" + &lt;7 characters of subdomain&gt;
to avoid any overlap with other usernames, encode the hash type,
and make the subdomain semi-discoverable</li>
<li>small potential for collisions</li>
</ul>


<p>md5_hex</p>

<ul>
<li>32 characters</li>
<li>no rude words</li>
<li>small potential for overlap with (32 character only!) system usernames</li>
<li>small potential for collisions</li>
</ul>


<p>sha1_base64, with + replaced by _, and / by -</p>

<ul>
<li>27 characters</li>
<li>could spell a rude word, if unlucky</li>
<li>other 5 characters could be "bsh1-" to avoid any overlap
with other usernames, and encode the hash type
(or "b1-" + &lt;2 characters of subdomain&gt;, but 2 chars is not
a worthwhile amount)</li>
<li>small(er?) potential for collisions</li>
</ul>


<p>half of md5_hex</p>

<ul>
<li>16 characters</li>
<li>no rude words</li>
<li>other 16 characters can be "b5-" + &lt;12 characters of subdomain&gt; + "-"
to avoid any overlap with other usernames, encode the hash type,
and make the subdomain semi-discoverable</li>
<li>larger potential for collisions, as we have a 64 bit hash</li>
<li><strong>what is currently used</strong></li>
</ul>


</div>







</div>

<div id="footer" class="pagefooter" role="contentinfo">

<div id="pageinfo">






<div id="backlinks">
Links:

<a href="../design.html">design</a>


</div>






<div class="pagedate">
Last edited <span class="date">Thu Jun 22 09:08:31 2017</span>
<!-- Created <span class="date">Thu Jun 22 09:08:31 2017</span> -->
</div>

</div>


<!-- from ikiwiki hosting internals -->
</div>

</div>

</body>
</html>