GUIDs

[Robert Olson]

 > A globally-unique identifier made up of time and ip and 3 random digits:

This might be unique, but it's definitely not random. There are places 
where cryptographically secure random numbers are good, and these won't count.

We can get much better randomness with something like this:

         pool = Crypto.Util.randpool.RandomPool()
         pool.stir()
         token_bytes = self.pool.get_bytes(32)
         h = Crypto.Hash.SHA.new()
         h.update(token_bytes)
         token_digest = h.hexdigest()

token_digest is then a fixed-length ascii screen that's pretty darn unique.

--bob