Victor Stinner wrote: > I already patched the doc of the random module to add a security > warning. Well, you don't really need to know how a CSPRNG is > implemented, just that random cannot be used for security and that > ssl.RAND_bytes() raises an error if was seeded with enough data. > > Tell me if my warning is not clear: > > .. warning:: > > The generators of the :mod:`random` module should not be used for > security purposes, they are not cryptographic. Use ssl.RAND_bytes() > if you require a cryptographically secure pseudorandom number > generator.
Looks good to me. Regarding style, you should probably make a link, like :func:`ssl.RAND_bytes()`. Petri _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
