Re: [DOCS] gen_random_uuid security not explicit in documentation

(Adding Heikki in CC who committed this code)

On Mon, Jan 2, 2017 at 8:20 AM,  <rightfold@gmail.com> wrote:
> The C source code of gen_random_uuid reads:
>
>     /*
>     * Generate random bits. pg_backend_random() will do here, we don't
>     * promis UUIDs to be cryptographically random, when built with
>     * --disable-strong-random.
>     */
>
> However, the pgcrypto documentation does not mention
> --disable-strong-random
> at all. I think the documentation should mention under which conditions
> the function returns secure data.

That's actually a good idea. But as it does not only apply to
get_random_uuid(), I would think that a notice at the top of the
pgcrypto documentation would make the most sense. Something like:
"If PostgreSQL is built with --disable-strong-random, the data
generated by the functions is not guaranteed to be cryptographically
random."

> P.S. there is also a typo in the C comment: "promis" should be "promise".

Indeed.
--
Michael