[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?

Ethan Furman ethan at stoneleaf.us
Wed Jun 15 16:30:33 EDT 2016

On 06/15/2016 01:01 PM, Nick Coghlan wrote:

> For 3.6+, we can instead make it so that the only things that actually
> rely on cryptographic quality randomness being available are:
> - calling a secrets module API
> - calling a random.SystemRandom method
> - calling os.urandom directly

> However, we don't need to make those block waiting for randomness to
> be available - we can update them to raise BlockingIOError instead
> (which makes it trivial for people to decide for themselves how they
> want to handle that case).
> Along with that change, we can make it so that starting the
> interpreter will never block waiting for cryptographic randomness to
> be available (since it doesn't need it), and importing the random
> module won't block waiting for it either.



More information about the Python-Dev mailing list