Artyom Pavlov

For intra-doc links we can use the following trick: ```md This is an [`Item`] link in README. [`Item`]: https://docs.rs/crate/item.html ``` lib.rs: ```rs // Re-define intra-crate links //! [`Item`]: Item #![doc...

Cluttering the root crate docs with multi-page examples is also not great in my opinion. As a middle ground between the book and examples in README we could use doc...

Serpent is a bit special. While technically it supports variable key sizes (and we reflect it in our implementation), because of historic reasons officially it declares support only for 128,...

You can see a motivation example in the function docs. We can not "zeroize" types like `NonZeroU32`, but they still may contain sensitive data. It also could work as a...

The current `master` version of `rand_core` implements [`BlockRng`](https://github.com/rust-random/rand_core/blob/master/src/block.rs#L137-L141) wrapper which handles buffering of generated RNG blocks. We want to zeroize the `results` field in `chacha20` AND we do not want...

>what calls the drop method of Generator, and what's the problem with that? The `Drop` impl of `BlockRng`. The `Generator::drop` method has nothing to do with the declared functionality of...

In a certain (uncharitable) sense, yes. But while `rand_core`is indeed my primary motivation, I believe that the `observe` function would be useful even without it.

>Perhaps rand_core could just implement volatile writes? Not everyone needs RNG buffer zeroization. Introducing a crate feature for it is also not desirable. I think that zeroization should be handled...

>Ensuring the entire operation is secure relies on implicit coupling between those two crates which the user is orchestrating Yes, it's unfortunate, but sometimes there is just no other way....

>at least on platforms that support asm! where we have guarantees. Well, IIUC even `asm!` does not provide 100% guarantees here, i.e. a "sufficiently smart" compiler may in theory analyze...