[whatwg] Cryptographically strong random numbers
glenn at zewt.org
Fri Feb 11 13:13:53 PST 2011
On Fri, Feb 11, 2011 at 3:40 PM, Adam Barth <w3c at adambarth.com> wrote:
> In some cases, it's not possible to determine whether we'll be able to
> get OS randomness until runtime. For example, on Linux, if we don't
> have permission to read /dev/urandom.
You can have an exception, e.g. INTERNAL_ERR or RUNTIME_ERR, for cases where
the PRNG is normally expected to work but failed in a rare way at runtime.
That's always possible in theory (e.g. a read() from /dev/urandom returns an
error), but is separate from feature testing since it can't be predicted,
and it should be exceptionally rare.
> at runtime.
If that's a concern, then all of the specs with the text I mentioned will
have trouble. I think either the convention of removing APIs at runtime
should be expected and depended on by the specs (and used as consistently as
is reasonable), or not used at all and those specs should be changed.
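
The distinction drawn in this message, a predictable feature test versus a rare runtime failure, shown as an added example that is not part of the original post. It assumes the `crypto.getRandomValues` API as browsers expose it today; `RandomSourceError`, `secureRandomBytes`, `classify` and the stub objects are hypothetical names constructed for illustration.

```javascript
// Added example: keeps "API absent" and "API failed at runtime" apart,
// and fails closed in both cases instead of falling back to Math.random().
class RandomSourceError extends Error {
  constructor(kind, message, cause) {
    super(message);
    this.name = 'RandomSourceError';
    this.kind = kind;   // 'unsupported' | 'runtime-failure'
    this.cause = cause; // underlying exception, if any
  }
}

const MAX_CHUNK = 65536; // getRandomValues rejects requests above 65536 bytes

function secureRandomBytes(length, cryptoObj = globalThis.crypto) {
  // Feature test: predictable, can be checked once before any key material is needed.
  if (!cryptoObj || typeof cryptoObj.getRandomValues !== 'function') {
    throw new RandomSourceError('unsupported', 'no CSPRNG API exposed');
  }
  const out = new Uint8Array(length);
  try {
    // Fill in chunks so a large request is not misreported as a PRNG failure.
    for (let off = 0; off < length; off += MAX_CHUNK) {
      const end = Math.min(off + MAX_CHUNK, length);
      cryptoObj.getRandomValues(out.subarray(off, end));
    }
  } catch (err) {
    // Runtime failure: the API exists but the OS source failed (e.g. a read error).
    throw new RandomSourceError('runtime-failure', 'CSPRNG failed at runtime', err);
  }
  return out;
}

// Constructed stubs standing in for the runtime conditions discussed above.
const failingCrypto = {
  getRandomValues() { throw new Error('constructed: read() from OS source failed'); },
};
const countingCrypto = {
  calls: 0,
  getRandomValues(view) { this.calls++; view.fill(0xa5); return view; },
};

// Reports which of the cases a caller would have to handle.
function classify(cryptoObj, length = 16) {
  try { secureRandomBytes(length, cryptoObj); return 'ok'; }
  catch (e) { return e.kind; }
}
```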