Can UUID v7 be treated as a unguessable, opaque identifier?
RFC4122bis specifies UUID v7, a version which contains 74 bits of randomness.
Assuming I use a CSPRNG to generate the random bits: Are these UUIDs considered to be unguessable and are enough to prevent attacks such as IDOR?
Continue reading Can UUID v7 be treated as a unguessable, opaque identifier?