[whatwg] Cryptographically strong random numbers

Brendan Eich brendan at mozilla.org
Sun Feb 13 20:27:13 PST 2011

Yes, we aspire to standardize a good RBG as an "upgrade" to Math.random -- obviously a new name would be needed, but with docs and evangelization we would hope to steer people away from that old p.o.s. I copied from Java in 1995 (quote unquote).

See http://wiki.ecmascript.org/doku.php?id=strawman:random-er for the mostly-aspirational page. As Boris says, this is a core language strawman proposal, not something we want browser-only (think http://nodejs.org/).


On Feb 13, 2011, at 6:37 PM, Boris Zbarsky wrote:

> On 2/13/11 8:22 PM, Adam Barth wrote:
>> It seems likely that window.crypto will continue to grow more quality
>> cryptographic APIs, not all of which will be appropriate at the
>> ECMAScript level.
> Sure; the question is whether this _particular_ API would be more appropriate at the language level.  Or more to the point, if the language plans to grow it anyway, do we need two APIs for it?
> It's worth at least checking with the ES folks whether they plan to add a API like this (something that fills in an array of bytes with cryptographically strong random values) in any sort of short-term timeframe.
> -Boris
> _______________________________________________
> es-discuss mailing list
> es-discuss at mozilla.org
> https://mail.mozilla.org/listinfo/es-discuss

More information about the es-discuss mailing list