Message277115
With the 3.6 os.urandom() implementation doing the right thing consistently cross-platform, our guidance for folks that care about the quality of the CSPRNG they use should be that they either upgrade to that version, or else ensure that the kernel CSPRNG is properly seeded before they run Python.
That is, I think the tone we're aiming for in the older docs now should be "You're using an older Python version, so if this problem description worries you, you need to either upgrade or else take the necessary steps to satisfy yourself that your host system's CSPRNG is properly configured", rather than the more passive "os.urandom() isn't necessarily secure" (with minimal guidance on what to do about it) that we've previously adopted. |
|
Date |
User |
Action |
Args |
2016-09-21 09:15:14 | ncoghlan | set | recipients:
+ ncoghlan, georg.brandl, vstinner, larry, ned.deily, steven.daprano, docs@python, martin.panter, Lukasa |
2016-09-21 09:15:14 | ncoghlan | set | messageid: <1474449314.8.0.505831251145.issue27292@psf.upfronthosting.co.za> |
2016-09-21 09:15:14 | ncoghlan | link | issue27292 messages |
2016-09-21 09:15:14 | ncoghlan | create | |
|