[Tim] >> secrets.token_bytes() is already the way to spell "get a string of >> messed-up bytes", and that's the dead obvious (according to me) place >> to add the potentially blocking implementation.
[Sebastian Krause] > I honestly didn't think that this was the dead obvious function to > use. To me the naming kind of suggested that it would do some > special magic that tokens needed, instead of just returning random > bytes (even though the best token is probably just perfectly random > data). If you want to provide a general function for secure random > bytes I would suggest at least a better naming. There was ample bikeshedding over the names of `secrets` functions at the time. If token_bytes wasn't the obvious function to you, I suspect you have scant idea what _is_ in the `secrets` module. The naming is logical in context, where various "token_xxx" functions supply random-ish bytes in different formats. In that context, xxx=bytes is the obvious way to get raw bytes. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com