Description
Proposal Details
In #61716, Russ said:
If we do keep ChaCha8 as the global generator and commit to having some cryptographic global generator like ChaCha8 in the future, we could potentially bring back both the top-level Read function and the Rand.Read method.
In the earlier discussion, some people asked what to do about getting short byte sequences from the PRNG. We essentially sacrificed the convenience of Read for the security of forcing people over to crypto/rand. But if we make the top-level Read backed by a cryptographic generator, we could bring Read back and have both convenience and security.
I would like to formally propose this. To put it bluntly, I do not believe there is a meaningful security difference between reading from crypto/rand and reading from a ChaCha8 CSPRNG seeded from crypto/rand. But others may disagree, and if adding a top-level Read causes tools like goimports to import math/v2/rand instead of crypto/rand, they could rightfully complain. Thus I propose adding Rand.Read, but not a top-level Read.
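The construction the post compares against crypto/rand, a ChaCha8 generator seeded from crypto/rand and read as bytes, shown as an added example that is not part of the original issue or the Go project's code. The `chachaReader` type and both constructors are hypothetical names, and the example assumes a Go toolchain that ships `math/rand/v2`.

```go
package main

import (
	crand "crypto/rand"
	"encoding/binary"
	"fmt"
	"math/rand/v2"
)

// chachaReader is a hypothetical helper (not a standard-library type) that
// serves byte reads from a ChaCha8 generator, one Uint64 per 8 bytes.
// It is not safe for concurrent use; guard it with a mutex if shared.
type chachaReader struct{ src *rand.ChaCha8 }

// newReaderFromSeed is deterministic: the same seed yields the same bytes.
func newReaderFromSeed(seed [32]byte) *chachaReader {
	return &chachaReader{src: rand.NewChaCha8(seed)}
}

// newSeededReader draws the 32-byte seed from the OS CSPRNG.
func newSeededReader() (*chachaReader, error) {
	var seed [32]byte
	if _, err := crand.Read(seed[:]); err != nil {
		return nil, err
	}
	return newReaderFromSeed(seed), nil
}

// Read fills p completely and never fails, satisfying io.Reader.
// Unused bytes of the final 64-bit word are discarded, not carried over.
func (r *chachaReader) Read(p []byte) (int, error) {
	n := len(p)
	var buf [8]byte
	for len(p) > 0 {
		binary.LittleEndian.PutUint64(buf[:], r.src.Uint64())
		p = p[copy(p, buf[:]):]
	}
	return n, nil
}

func main() {
	r, err := newSeededReader()
	if err != nil {
		panic(err)
	}
	token := make([]byte, 20) // length is not a multiple of 8 on purpose
	r.Read(token)
	fmt.Printf("%x\n", token)
}
```

The unpredictability of the output rests entirely on the seed: `newReaderFromSeed` with a fixed or guessable seed reproduces the same byte stream every run.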