- From: Adam Barth <w3c@adambarth.com>
- Date: Sun, 13 Feb 2011 21:55:29 -0800
Fortunately, these APIs are quite simple (e.g., the implementation in WebKit is a whole four lines of code) and having more than one way to access good randomness isn't terribly costly. Even if strong randomness is a future aspiration for ECMAScript, crypto.getRandomValues provides benefits today at low cost and is probably still worth doing. Adam On Sun, Feb 13, 2011 at 8:26 PM, Brendan Eich <brendan at mozilla.com> wrote: > Yes, we aspire to standardize a good RBG as an "upgrade" to Math.random -- obviously a new name would be needed, but with docs and evangelization we would hope to steer people away from that old p.o.s. I copied from Java in 1995 (quote unquote). > > See http://wiki.ecmascript.org/doku.php?id=strawman:random-er for the mostly-aspirational page. As Boris says, this is a core language strawman proposal, not something we want browser-only (think http://nodejs.org/). > > /be > > > On Feb 13, 2011, at 6:37 PM, Boris Zbarsky wrote: > >> On 2/13/11 8:22 PM, Adam Barth wrote: >>> It seems likely that window.crypto will continue to grow more quality >>> cryptographic APIs, not all of which will be appropriate at the >>> ECMAScript level. >> >> Sure; the question is whether this _particular_ API would be more appropriate at the language level. ?Or more to the point, if the language plans to grow it anyway, do we need two APIs for it? >> >> It's worth at least checking with the ES folks whether they plan to add a API like this (something that fills in an array of bytes with cryptographically strong random values) in any sort of short-term timeframe. >> >> -Boris >> _______________________________________________ >> es-discuss mailing list >> es-discuss at mozilla.org >> https://mail.mozilla.org/listinfo/es-discuss > > _______________________________________________ > es-discuss mailing list > es-discuss at mozilla.org > https://mail.mozilla.org/listinfo/es-discuss >
Received on Sunday, 13 February 2011 21:55:29 UTC