On Thu, Jul 27, 2006 at 15:15:32 +0200,
Tomasz Ostrowski <tometzky@batory.org.pl> wrote:
>
> * PostgreSQL integers (as returned by nextval()) are 4 bytes. This
> means only 32 bit strength - much too low for today computers.
They are actually 8 bytes. Since session ids aren't valuable for very long
you could actually make a usable system out of this if you rekeyed
frequently.
If the issue is how to cheaply prevent collisions that might occur from
using random session ids, one might consider concatenating a random string
with a sequence. As long as the sequence won't wrap around before a session
id will expire, this will prevent collisions.