[Python-Dev] Our responsibilities (was Re: BDFL ruling request: should we block forever waiting for high-quality random bits?)

[Sven R. Kunze]

> I also think it’s a great module for providing defaults that we can’t
> provide in os.urandom, like the number of bytes that are considered
> “secure” [1].
>
> What I don’t think is that the secrets module means that all of a sudden
> os.urandom is no longer an API that is primarily used in a security
> sensitive context

Not all of a sudden. However, I guess things will change in the future.

If we want the secrets module to be the first and only place where 
crypto goes, we should work towards that goal. It needs proper 
communication, marketing etc.

Deprecation periods can be years long. This change (whatever form it 
will take) can be carried out over 3 or 4 releases when the ultimate 
goal is made clear to everybody reading the docs. OTOH I don't know 
whether long deprecation periods are necessary here at all. Other 
industries are very sensitive to fast changes.

Furthermore, next generations will be taught using the new way, so the 
Python community should not be afraid of some changes because most of 
them are for the better.


On 16.06.2016 15:02, Donald Stufft wrote:
> I think that os.urandom is the most obvious thing that someone will reach for given:
>
> * Pages upon pages of documentation both inside the Python community
>    and outside saying “use urandom”.
> * The sheer bulk of existing code that is already out there using
>    os.urandom for it’s cryptographic properties.

That's maybe you. However, as stated before, I am not expert in this 
field. So, when I need to, I first would start researching the current 
state of the art in Python.

If the docs says: use the secrets module (e.g. near os.urandom), I would 
happily comply -- especially when there's reasonable explanation.


That's from a newbie's point of view.


Best,
Sven