Web applications that implement user accounts need to generate unpredictable values for session cookies and anti-CSRF tokens. So several questions about App Engine arise:
1. How is os.urandom() implemented in production? That is, what entropy sources does it use? What RNG algorithm? 2. Is there a supported way to obtain some high-entropy bits (like /dev/random in Linux)? 3. Are there any features that could help us generate cryptographically strong random numbers? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
