W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: Request for feedback: DOMCrypt API proposal - random number generation

From: Aryeh Gregor <Simetrical+w3c@gmail.com>
Date: Mon, 6 Jun 2011 14:44:25 -0400
Message-ID: <BANLkTikk4YEJhsewa6rFr=CL3v-7Ef_iaw@mail.gmail.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: public-webapps@w3.org
On Sat, Jun 4, 2011 at 1:52 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
> However, I would like to propose one additional feature: a cryptographically
> secure random number generator (CSRNG). This is a badly missed feature
> today. [And just as I'm posting, I now see that Rich Tibbett beat me to this
> idea.]
>
> Specifically I would propose (and I know the details can be debated
> forever):
>
> random(): returns a cryptographically-strong 32-bit random integer.
> setRandom(r): mixes a user-supplied random integer r into the RNG internal
> state.

This was discussed in February on whatwg:

http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2011-February/030241.html

I didn't reread the whole thread, but my recollection is that people
preferred an API where you'd give it an ArrayBuffer and it would fill
it with random bytes.  That way you can efficiently get large amounts
of randomness.
Received on Monday, 6 June 2011 18:45:12 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:45 GMT