Re: [PHP6] Merging rand and mt_rand()
Am 24.02.2014 20:42, schrieb Rouven Weßling:
>
> On 24.02.2014, at 20:23, Marc Bennewitz <[email protected]
> <mailto:[email protected]>> wrote:
>
>> I already wrote down an idea for a very simple bc-safe API:
>>
>> http://grokbase.com/t/php/php-internals/138wn1sy5g/more-powerful-and-backward-compatible-api-of-random-number-generator-functions
>> (Can't find the direct link to http://news.php.net/php.internals/????)
>
> I like the idea, and many parts of that API. However I don't see a
> need for multiple unsafe PRNGs. If we'd drop the mt_rand function (or
> make it alias) we'd still have a backwards compatibility break.
To be bc-safe the mt_* functions could be directed the the standard
functions with RAND_ALGO_MERSENNE_TWISTER as algo argument.
This API wouldn't define if an algo is secure safe or not - it simply
provides a standard way to any simple RNGs. Each RNG has pros and cons
so why only support one?
>
> So please don't let get this proposal in the way of yours in any form,
> this is mostly about loosing system rand which would still map to your
> proposal.
>
> Best regards
> Rouven
Thread (15 messages)