Home > mailing lists

Re: Support getrandom() for pg_strong_random() source - Mailing list pgsql-hackers

From	Jacob Champion
Subject	Re: Support getrandom() for pg_strong_random() source
Date	October 6 21:27:41
Msg-id	CAOYmi+=ysQ+UdvES9nZoK+UcywoFmtRjT1d46mje8vbASGufzg@mail.gmail.com Whole thread Raw
In response to	Re: Support getrandom() for pg_strong_random() source (Joe Conway <mail@joeconway.com>)
Responses	Re: Support getrandom() for pg_strong_random() source
List	pgsql-hackers

Tree view

On Fri, Oct 3, 2025 at 5:11 AM Joe Conway <mail@joeconway.com> wrote:
> That RFC appears to be specific to UUIDv4, but assuming that advice is generally
> applicable to UUIDs in general it seems to mean we are off the hook when it
> comes to FIPS with respect to UUIDs.

The most recent RFC still says that [1]. And it doesn't appear to
mandate the use of a CSPRNG at all, so it'd be unfortunate if UUIDs
were bound by FIPS considerations... but my opinion has no effect on
whether they're bound in practice.

--Jacob

[1] https://www.rfc-editor.org/rfc/rfc9562.html#name-security-considerations

pgsql-hackers by date:

From: Tomas Vondra
Date: 06 October, 21:20:15
Subject: Re: Should we update the random_page_cost default value?

From: Jacob Champion
Date: 06 October, 21:41:07
Subject: Re: Support getrandom() for pg_strong_random() source

Re: Support getrandom() for pg_strong_random() source - Mailing list pgsql-hackers

Previous

Next