Using Math.getRandomValues() ?

[plehegar]

This issue is meant to track the conversation at:
tc39/proposal-uuid#33

If getRandomValues is upstreamed in ECMA-262, we should update the Web Crypto API to reference their definition (assuming it's compatible).

[rbuckton]

We're also investigating a separate proposal for bringing part of the WebCrypto API into ECMA-262 at https://github.com/tc39/proposal-csprng, which would possibly replace the Math.getRandomValues() part of the UUID proposal. In particular, there are several open issues I'd like to get feedback on from the WebCrypto WG:

• Errors thrown from getRandomValues in WebCrypto incompatible with current proposal tc39/proposal-csprng#5 - concerns whether to use TypeMismatchError and QuotaExceededError vs TypeError and RangeError.
• Should we support or forbid TypedArrays backed by SharedArrayBuffer tc39/proposal-csprng#6 - concerns whether to support SharedArrayBuffer.

I'm also interested in other general feedback in the approach outlined in tc39/proposal-csprng#2, which amends the CSPRNG proposal to adopt the global crypto namespace in a way to be (hopefully) compatible with the WebCrypto API.

[plehegar]

Note that the WG closed back then. However, there are ongoing discussion to do something. See also w3ctag/design-reviews#466

[sideshowbarker]

This would essentially be an editorial change, right? I mean, no implementation impact?