Privacy depends on the unpredictability of random numbers, but the random numbers should be chosen by the app, since it's platform-dependent. We should have some docs about this.

It depends on the language -- e.g. Java and JavaScript have their own random APIs.

First cut in doc/randomness.md. Needs more info about different platforms.

I wrote the first cut of this doc just talking about implementation of cryptographic randomness. I think it has to be more clear about the different requirements for the PRR and IRR, what potential attacks are, etc. Basically so if someone is implementing RAPPOR they can use it as guidance.