Re: Request for feedback: DOMCrypt API proposal - random number generation

On Sat, Jun 4, 2011 at 1:52 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
> However, I would like to propose one additional feature: a cryptographically
> secure random number generator (CSRNG). This is a badly missed feature
> today. [And just as I'm posting, I now see that Rich Tibbett beat me to this
> idea.]
>
> Specifically I would propose (and I know the details can be debated
> forever):
>
> random(): returns a cryptographically-strong 32-bit random integer.
> setRandom(r): mixes a user-supplied random integer r into the RNG internal
> state.

This was discussed in February on whatwg:

http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2011-February/030241.html

I didn't reread the whole thread, but my recollection is that people
preferred an API where you'd give it an ArrayBuffer and it would fill
it with random bytes.  That way you can efficiently get large amounts
of randomness.

Received on Monday, 6 June 2011 18:45:12 UTC