Message 267660 - Python tracker

Message267660

Author	vstinner
Recipients	Colm Buckley, Lukasa, alex, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date	2016-06-07.12:52:17
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1465303937.54.0.578079735897.issue26839@psf.upfronthosting.co.za>
In-reply-to

Content
Currently, os.urandom() doesn't block anymore which means secrets should be updated. If we revert os.urandom(), Python must be patched to use a non-blocking urandom to initialized hash secret and random.Random (when the random module is imported). In both cases, something should be changed. I suggest to move the discussion to the issue #27250 to try to identify which parts of Python requires secure RNG, which parts of Python don't require a secure RNG, and how to expose secure and not secure RNG in Python.

Content

Currently, os.urandom() doesn't block anymore which means secrets should be updated. If we revert os.urandom(), Python must be patched to use a non-blocking urandom to initialized hash secret and random.Random (when the random module is imported).

In both cases, something should be changed. I suggest to move the discussion to the issue #27250 to try to identify which parts of Python requires secure RNG, which parts of Python don't require a secure RNG, and how to expose secure and not secure RNG in Python.

History
Date	User	Action	Args
2016-06-07 12:52:17	vstinner	set	recipients: + vstinner, lemburg, rhettinger, doko, larry, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni, Colm Buckley
2016-06-07 12:52:17	vstinner	set	messageid: <1465303937.54.0.578079735897.issue26839@psf.upfronthosting.co.za>
2016-06-07 12:52:17	vstinner	link	issue26839 messages
2016-06-07 12:52:17	vstinner	create