Or is there a better way of doing it?
One additional: using a hash algorithm does produce unique values in many cases but doesn't guarantee them. If uniqueness is an absolute requirement you have to check if a key already exists and generate another one in this case (using a different secret f.e.).
Hm, out of interest, is there a way to be sure to get atomicity for the above algorithm? Otherwise there is always a small timespan in which an object with the same name could have been created - after the above check, but before you create it. Wouldn't it be simpler (in typical zope cases) to just try to create the objects in the same folder and just wrap the id generation and object creation in a try/except clause? And additionally - instead of using hashes - just to use a timestamp? cheers, oliver