Message267978
| Author |
larry |
| Recipients |
christian.heimes, larry, lemburg |
| Date |
2016年06月09日.08:07:00 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1465459621.0.0.949649488814.issue27279@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
I +1 on new functions that are designated the best-practice places to get your pseudo-random numbers.
(IDK if the best place for both is in random; maybe the crypto one should be in secrets?)
To be precise: on most OSes what you're calling "crypto random data" is actually "crypto-quality pseudo-random data". Very few platforms provide genuine random data--rather, they seed a CPRNG and give you data from that. (And then the cryptographers have endless arguments about whether the CPRNG is really crypto-safe.)
I'm -1 on actually deprecating os.urandom(). It should be left alone, as a thin wrapper around /dev/urandom. I imagine your cryptorandom() and pseudorandom() functions would usually be written in Python and just import and use the appropriate function on a platform-by-platform basis. |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2016年06月09日 08:07:01 | larry | set | recipients:
+ larry, lemburg, christian.heimes |
| 2016年06月09日 08:07:01 | larry | set | messageid: <1465459621.0.0.949649488814.issue27279@psf.upfronthosting.co.za> |
| 2016年06月09日 08:07:00 | larry | link | issue27279 messages |
| 2016年06月09日 08:07:00 | larry | create |
|