About ID obfuscation: i like to use a small-width block cipher (e.g. 32-bit skipjack). A reversible int->int transform means you don't need an extra DB column, you're never prone to CRC32 collisions, you can still use base36 (why not case-sensitive base62?) for URLs, and with an application secret key there's no chance of reversal.

Well, maybe someone could aim to get many sequential keys and then reverse-engineer the state of the cipher, but that's also possible with your method.