[whatwg] Cryptographically strong random numbers

Glenn Maynard glenn at zewt.org
Fri Feb 11 13:13:53 PST 2011


On Fri, Feb 11, 2011 at 3:40 PM, Adam Barth <w3c at adambarth.com> wrote:

> In some cases, it's not possible to determine whether we'll be able to
> get OS randomness until runtime.  For example, on Linux, if we don't
> have permission to read /dev/urandom.


You can have an exception, e.g. INTERNAL_ERR or RUNTIME_ERR, for cases where
the PRNG is normally expected to work but failed in a rare way at runtime.
That's always possible in theory (e.g. a read() from /dev/urandom returns an
error), but is separate from feature testing since it can't be predicted,
and it should be exceptionally rare.

> Not all JavaScript engines have the ability to selectively disable DOM APIs
> at runtime.

If that's a concern, then all of the specs with the text I mentioned will
have trouble.  I think either the convention of removing APIs at runtime
should be expected and depended on by the specs (and used as consistently as
is reasonable), or not used at all and those specs should be changed.

-- 
Glenn Maynard
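
The distinction drawn in this message, between a feature test and an unpredictable runtime failure, as an added example that is not part of the original post or of any browser's code. It assumes the crypto.getRandomValues API as later shipped; the error classes, function names and stub objects are hypothetical.

```javascript
// Added example; all names here are hypothetical, not from the thread.
class RandomUnavailableError extends Error {}
class RandomRuntimeError extends Error {}

// Feature test: predictable, can be checked once before any use.
function hasSecureRandom(cryptoObj = globalThis.crypto) {
  return typeof cryptoObj === "object" && cryptoObj !== null &&
    typeof cryptoObj.getRandomValues === "function";
}

function secureRandomBytes(n, cryptoObj = globalThis.crypto) {
  if (!hasSecureRandom(cryptoObj)) {
    throw new RandomUnavailableError("no CSPRNG API exposed");
  }
  // getRandomValues rejects requests over 65536 bytes; that is a caller
  // error, so report it separately from an entropy-source failure.
  if (!Number.isInteger(n) || n < 0 || n > 65536) {
    throw new RangeError("byte count must be an integer in 0..65536");
  }
  const buf = new Uint8Array(n);
  try {
    cryptoObj.getRandomValues(buf);
  } catch (e) {
    // Unpredictable runtime failure: fail closed, no Math.random() fallback.
    throw new RandomRuntimeError("CSPRNG failed at runtime", { cause: e });
  }
  return buf;
}

// Caller that keeps the two conditions apart.
function issueToken(cryptoObj = globalThis.crypto) {
  if (!hasSecureRandom(cryptoObj)) return { status: "unsupported" };
  try {
    const bytes = secureRandomBytes(16, cryptoObj);
    const token = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
    return { status: "ok", token };
  } catch (e) {
    if (e instanceof RandomRuntimeError) return { status: "runtime-failure" };
    throw e;
  }
}

// Constructed stand-ins for the environments discussed in the thread.
const noApi = {};                      // API removed or never exposed
const brokenSource = {                 // API present, OS read fails
  getRandomValues() { throw new Error("read() on /dev/urandom failed"); },
};
const fixedSource = {                  // deterministic stub, for checking only
  getRandomValues(buf) { buf.fill(0xab); return buf; },
};
```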

