[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?

Larry Hastings larry at hastings.org
Fri Jun 10 17:06:29 EDT 2016



On 06/10/2016 12:54 PM, Theodore Ts'o wrote:
> So even on Python pre-3.5.0, realistically speaking, the "weakness" of
> os.random would only be an issue (a) if it is run within the first few
> seconds of boot, and (b) os.random is used to directly generate a
> long-term cryptographic secret.  If you fork openssl or ssh-keygen
> to generate a public/private keypair, then you aren't using os.random.

Just a gentle correction: wherever Mr. Ts'o says "os.random", he means 
"os.urandom()".  We don't have an "os.random" in Python.

My thanks to today's celebrity guest correspondent, Mr. Theodore Ts'o!


//arry/