> >If 128 bits isn't big enough for any other reason, then it probably isn't
> >big enough for security. If 128 bits is big enough to make a random
> >collision infeasible, then what other problems might it have?
> There are human and mechanical decoding efficiencies in using sparsely
> populated spaces of densely populated clusters. This has nothing at all to
> do with security. Think of it as wanting to prereserve a large enough pool
> of names that you'll never have to grow the pool.
URLs are variable length, so, unlike most traditional unique IDs, you can grow the pool without pain. I don't see a need to choose a length that is sufficient for any more than easily foreseeable demand.
-- http://www.apache-ssl.org/ben.html "My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi