[Python-ideas] Pre-PEP Adding A Secrets Module To The Standard Library

Nick Coghlan ncoghlan at gmail.com
Mon Sep 21 19:09:04 CEST 2015

On 22 September 2015 at 02:50, Chris Angelico <rosuav at gmail.com> wrote:
> On Tue, Sep 22, 2015 at 2:10 AM, Steven D'Aprano <steve at pearwood.info> wrote:
>> Are there use-cases for a strong random float between 0 and 1? If
>> so, is it sufficient to say secrets.randbelow(sys.maxsize)/sys.maxsize,
>> or should we offer secrets.random() and/or secrets.uniform(a, b)?
> I would be leery of such a function, because it'd be hard to define it
> perfectly. Tell me, crypto wonks: If I have a function randfloat()
> that returns 0.0 <= x < 1.0, is it safe to use it like this:

Floating point numbers and crypto don't go together - crypto is all
about integers, bits, bytes, and text. Folks dealing with floating
point numbers are presumably handling modelling and simulation tasks,
and will want the random module, not secrets.


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

More information about the Python-ideas mailing list