[whatwg] Cryptographically strong random numbers

On Fri, Feb 11, 2011 at 3:40 PM, Adam Barth <w3c at adambarth.com> wrote:

> In some cases, it's not possible to determine whether we'll be able to
> get OS randomness until runtime.  For example, on Linux, if we don't
> have permission to read /dev/urandom.


You can have an exception, eg. INTERNAL_ERR or RUNTIME_ERR, for cases where
the PRNG is normally expected to work but failed in a rare way at runtime.
That's always possible in theory (eg. a read() from /dev/urandom returns an
error), but is separate from feature testing since it can't be predicted,
and it should be exceptionally rare.

> Not all JavaScript engines have the ability to selectively disable DOM APIs
> at runtime.

If that's a concern, then all of the specs with the text I mentioned will
have trouble.  I think either the convention of removing APIs at runtime
should be expected and depended on by the specs (and used as consistently as
is reasonable), or not used at all and those specs should be changed.

-- 
Glenn Maynard

Received on Friday, 11 February 2011 13:13:53 UTC
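
The distinction drawn in this message between feature testing and a rare runtime failure, as an added example that is not part of the original thread. `randomBytes`, `newSessionToken` and the `status` values are hypothetical names; the injected `cryptoObj` parameter is an assumption made so both paths can be exercised with stubs.

```javascript
// Added example, not code from the thread. Names here are hypothetical.

// Returns { status, bytes }. "unsupported" is the predictable feature-test
// outcome; "runtime-error" is the rare failure that cannot be predicted.
function randomBytes(length, cryptoObj = globalThis.crypto) {
  // Feature test: is the API exposed at all?
  if (!cryptoObj || typeof cryptoObj.getRandomValues !== "function") {
    return { status: "unsupported", bytes: null };
  }
  const out = new Uint8Array(length);
  const CHUNK = 65536; // getRandomValues rejects requests larger than this
  try {
    for (let off = 0; off < length; off += CHUNK) {
      // subarray() is a view, so each call fills `out` in place.
      cryptoObj.getRandomValues(out.subarray(off, Math.min(off + CHUNK, length)));
    }
  } catch (err) {
    // API present but the underlying source failed (for example a read()
    // from the OS randomness device returned an error).
    return { status: "runtime-error", bytes: null, error: err };
  }
  return { status: "ok", bytes: out };
}

// Fails closed: a token is never built from Math.random() when the strong
// source is absent or has failed.
function newSessionToken(cryptoObj = globalThis.crypto) {
  const r = randomBytes(16, cryptoObj);
  if (r.status !== "ok") {
    throw new Error("no cryptographically strong randomness: " + r.status);
  }
  return Array.from(r.bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// Constructed stubs standing in for the three environments discussed.
const absentStub = {}; // engine that does not expose the API
const failingStub = {
  getRandomValues() { throw new Error("read failed"); },
};
const calls = [];
const workingStub = {
  getRandomValues(view) { calls.push(view.length); view.fill(0xab); return view; },
};
```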