| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Michael Paquier <michael(at)paquier(dot)xyz>, Dagfinn Ilmari Mannsåker <ilmari(at)ilmari(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Joe Conway <mail(at)joeconway(dot)com> |
| Subject: | Re: Support getrandom() for pg_strong_random() source |
| Date: | 2025-10-06 18:41:07 |
| Message-ID: | CAOYmi+k-199FZAZqCdg1t_-_5GODp8L_R4UUjqF1hK2j-aZF4g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Sep 30, 2025 at 12:44 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
> What if we instead expand the API to provide pg_random (or pg_fast_random)
> which can be a selectable implementation, and pg_strong_random is left as today
> a compile time selection?
I like the idea of tiering it, but I'm not sure how to communicate to
developers when they should prefer pg_strong_random over
pg_fast_random over pg_prng (which is hopefully faster than
pg_fast_random!).
Is the dividing line really strong vs fast, or is it compliance vs
noncompliance? Because I have a feeling that for some users, the
"fast" alternative that is chosen will be stronger than the "strong"
version they are mandated to select.
Are there any use cases other than UUID that want CSPRNG guarantees
without needing CSPRNG security?
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrey Borodin | 2025-10-06 18:53:01 | Re: GiST nitpicks I want to discuss (and maybe eventually fix) |
| Previous Message | Jacob Champion | 2025-10-06 18:27:41 | Re: Support getrandom() for pg_strong_random() source |