Hi python-dev and Raymond,
I think this change is a considerable usability regression for the documentation. Right now the warnings about CSPRNGs are hidden in the introductory paragraph, which users are likely to skip. I agree that there's no need to repeat the same advice twice, but I'd much rather we kept the ".. warning:: " version, so users are more likely to actually read it.
Also, there's a few errors with your commit message. First, we can reasonably assert that urandom provides an acceptable CSPRNG, mostly because it does on every platform I'm aware of. Second, urandom is still a psuedo-random number generator, however they are cryptographically secure, it's not "more random". Wikipedia does a good job laying out the necessary properties for a CSPRNG: https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_g...
On Sat, May 10, 2014 at 2:05 PM, raymond.hettinger email@example.com wrote:
http://hg.python.org/cpython/rev/b466dc34b86e changeset: 90618:b466dc34b86e parent: 90616:ce070040e1a6 user: Raymond Hettinger firstname.lastname@example.org date: Sat May 10 14:05:28 2014 -0700 summary: Remove the redundant and poorly worded warning message.
The paragraph above already says, clearly and correctly, that "However, being completely deterministic, it is not suitable for all purposes, and is completely unsuitable for cryptographic purposes."
Also we should make any promises about SystemRandom or os.urandom() being cryptographically secure (they may be, but be can't validate that promise). Further, those are actual random number generators not psuedo-random number generators.
files: Doc/library/random.rst | 6 ------ 1 files changed, 0 insertions(+), 6 deletions(-)
diff --git a/Doc/library/random.rst b/Doc/library/random.rst
@@ -43,12 +43,6 @@
uses the system function :func:
os.urandom to generate random numbers
from sources provided by the operating system.
-- Repository URL: http://hg.python.org/cpython
Python-checkins mailing list Pythonemail@example.com https://mail.python.org/mailman/listinfo/python-checkins
-- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084