Author tim.peters
Recipients Lukasa, brett.cannon, dstufft, ned.deily, steven.daprano, tim.peters
Date 2016-06-11.21:24:00
Message-id <1465680241.23.0.225859009345.issue27288@psf.upfronthosting.co.za>
Content
I think it's clear Guido would say "#1".  The thrust of all his comments to date is that it was a mistake to change the semantics of os.urandom() on Linux (and one other platform? don't really care), and that in 3.6+ only `secrets` should _try_ to supply possibly-blocking behavior on Linux.

Indeed, even in 3.6+ he doesn't want to expose the new-ish getrandom() directly.  Today he said:

"""
So what should the secrets module use? Let's make that part an extension module.
"""

So he feels strongly enough about this to recommend a teensy private C extension module for secrets.py alone to get at the platform getrandom() (if any - of course it needs to fall back to os.urandom() on other platforms).

"""
The main thing that I want to avoid is that people start cargo-culting whatever the secrets module uses rather than just using the secrets module. Having it redundantly available as os.getrandom() is just begging for people to show off how much they know about writing secure code. 
"""

Whenever he starts taking that tone, his mind is made up for good ;-)
History
Date User Action Args
2016-06-11 21:24:01 tim.peters set recipients: + tim.peters, brett.cannon, ned.deily, steven.daprano, dstufft, Lukasa
2016-06-11 21:24:01 tim.peters set messageid: <1465680241.23.0.225859009345.issue27288@psf.upfronthosting.co.za>
2016-06-11 21:24:01 tim.peters link issue27288 messages
2016-06-11 21:24:00 tim.peters create