tc39 / proposal-uuid

UUID proposal for ECMAScript (Stage 1)

should we better define rules more distinct than "best effort" for randomness #34

Open bcoe opened 5 years ago

bcoe commented 5 years ago

The W3C Web Crypto recommendation suggests, with regard to generating randomness, that:

"This specification provides no lower-bound on the information theoretic entropy present in cryptographically random values, but implementations should make a best effort to provide as much entropy as practicable."

Talking with some folks I work with about this specification, they thought that it might be worth having the goal of defining a few more concrete rules for what represents "best effort" ... perhaps we could come up with a few guidelines that aren't controversial.

As of right now, we've borrowed the W3C wording in #33, but it might be worth revisiting with the goal described above.

broofa commented 5 years ago

Doesn't the term "cryptographically secure" already set a well-defined bar for what is expected? I'm at a bit of a loss for what we could add here that would be helpful in practice.

Delete that note altogether to avoid confusion?