> On Dec 22, 2016, at 2:32 PM, Tim Graham <timogra...@gmail.com> wrote: > > Perhaps times have changed but I forgot to mention that 8 years ago Malcolm > rejected the idea that more randomness is required in the secret key. From > the reporter of #9687:
You're right, and I knew that, but didn't consider it in my response. I think it puts even more weight behind it being a bytes. The expressibility argument (it should support all bytes being truly random) of my options is still reasonable I think, but the readability negative for bytestrings is nullified, since you can just make the string longer when you generate it. +1 for bytes -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/E473B966-407C-4734-AA41-9386F3A54CEE%40ryanhiebert.com. For more options, visit https://groups.google.com/d/optout.
