[Python-ideas] Should our default random number generator be secure?

Tim Peters tim.peters at gmail.com
Wed Sep 9 21:03:33 CEST 2015

[<random832 at fastmail.us>]
> I don't see how "Changing Python's RNG implementation today to
> arc4random as it exists now" necessarily implies "Making a commitment to
> guarantee the cryptographic suitability of Python's RNG for all time".
> Those are two separate things.

Disagree.  The _only_ point to switching today is "to guarantee the
cryptographic suitability of Python's RNG" today.  It misses the
intent of the switch entirely to give a "but tomorrow?  eh - that'[s a
different issue" dodge.

No, no rules of formal logic would be violated by separating the two -
it would be a violation of the only _sense_ in making a switch at all.
If you don't believe me, try asking Theo ;-)

More information about the Python-ideas mailing list