| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Daniel Gustafsson <daniel(at)yesql(dot)se>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Michael Paquier <michael(at)paquier(dot)xyz>, Dagfinn Ilmari Mannsåker <ilmari(at)ilmari(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Support getrandom() for pg_strong_random() source |
| Date: | 2025-10-06 18:27:41 |
| Message-ID: | CAOYmi+=ysQ+UdvES9nZoK+UcywoFmtRjT1d46mje8vbASGufzg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Oct 3, 2025 at 5:11 AM Joe Conway <mail(at)joeconway(dot)com> wrote:
> That RFC appears to be specific to UUIDv4, but assuming that advice is generally
> applicable to UUIDs in general it seems to mean we are off the hook when it
> comes to FIPS with respect to UUIDs.
The most recent RFC still says that [1]. And it doesn't appear to
mandate the use of a CSPRNG at all, so it'd be unfortunate if UUIDs
were bound by FIPS considerations... but my opinion has no effect on
whether they're bound in practice.
--Jacob
[1] https://www.rfc-editor.org/rfc/rfc9562.html#name-security-considerations
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jacob Champion | 2025-10-06 18:41:07 | Re: Support getrandom() for pg_strong_random() source |
| Previous Message | Tomas Vondra | 2025-10-06 18:20:15 | Re: Should we update the random_page_cost default value? |