[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits? (original) (raw)
Ionel Cristian Mărieș contact at ionelmc.ro
Thu Jun 16 07:27:01 EDT 2016
- Previous message (by thread): [Python-Dev] Our responsibilities (was Re: BDFL ruling request: should we block forever waiting for high-quality random bits?)
- Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Jun 16, 2016 at 1:04 PM, Donald Stufft <donald at stufft.io> wrote:
In my opinion, this is a usability issue as well. You have a ton of third party documentation and effort around “just use urandom” for Cryptographic random which is generally the right (and best!) answer except for this one little niggle on a Linux platform where /dev/urandom may produce predictable bytes (but usually doesn’t).
Why not consider opt-out behavior with environment variables? Eg: people that don't care about crypto mumbojumbo and want fast interpreter startup could just use a PYTHONWEAKURANDOM=y or PYTHONFASTURANDOM=y.
That ways there's no need to change api of os.urandom() and users have a clear and easy path to get old behavior.
Thanks, -- Ionel Cristian Mărieș, http://blog.ionelmc.ro -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20160616/16bd71a9/attachment.html>
- Previous message (by thread): [Python-Dev] Our responsibilities (was Re: BDFL ruling request: should we block forever waiting for high-quality random bits?)
- Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]