Nick Coghlan
On 17 September 2015 at 04:55, Tim Peters
wrote: [Brett Cannon
] And if yes to a PEP, who's writing it? And then who is writing the implementation in the end?
Did you just volunteer? Great! Thanks OK, Steven already volunteered to write a PEP for his proposal.
As far as implementation goes, based on a separate discussion at https://github.com/pyca/cryptography/issues/2347, I believe the essential cases can all be covered by:
def random_bits(bits): return os.urandom(bits//8)
def random_int(bits): return int.from_bytes(random_bits(bits), byteorder="big")
def random_token(bits): return base64.urlsafe_b64encode(random_bits(bits)).decode("ascii")
def random_hex_digits(bits): return binascii.hexlify(random_bits(bits)).decode("ascii")
I think you want a little bit more flexibility than that, because the allowed characters may depend on the specific protocol (of course, people can use the hex digits version, but the output is longer). (quite a good idea, that "secrets" library - I wonder why nobody proposed it before ;-)) Regards Antoine.