10 Jun
2016
10 Jun
'16
11:48 p.m.
David Mertz <mertz@gnosis.cx> wrote:
It feels to me like the correct spelling in 3.6 should probably be secrets.getrandom() or something related to that.
Since there already is a secrets.randbits(k), I would keep the naming similar and suggest something like: secrets.randbytes(k, *, nonblock=False) With the argument "nonblock" you can control what happens when not enough entropy is available: It either blocks or (if nonblock=True) raises an exception. The third option, getting unsecure random data, is simply not available in this function. Then you can keep os.urandom() as it was in Python 3.4 and earlier, but update the documentation to better warn about its behavior and point developers to the secrets module. Sebastian