Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:100461
Return-Path: <me@kelunik.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 33760 invoked from network); 8 Sep 2017 07:57:08 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 8 Sep 2017 07:57:08 -0000
Authentication-Results: pb1.pair.com smtp.mail=me@kelunik.com; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=me@kelunik.com; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain kelunik.com from 81.169.146.163 cause and error)
X-PHP-List-Original-Sender: me@kelunik.com
X-Host-Fingerprint: 81.169.146.163 mo4-p00-ob.smtp.rzone.de  
Received: from [81.169.146.163] ([81.169.146.163:22504] helo=mo4-p00-ob.smtp.rzone.de)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id BA/5C-10715-15D42B95 for <internals@lists.php.net>; Fri, 08 Sep 2017 03:57:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1504857422;
	s=domk; d=kelunik.com;
	h=Content-Type:Cc:To:Subject:Date:From:References:In-Reply-To:
	MIME-Version;
	bh=skfAb3dXDVKAntXAkYzCUmld49pojxBHDaqBlFvskVM=;
	b=QI7d7BVwS4ICRRgODzn/ZnO+siYs7AZTdnMNPG4ZTAOo2P7UoX+dFha5Ro2+R+1iN/
	pz4145F+hMZm9no+l3AiliHN83+Q9d4G4PyuvCjuHAJFg3FTXG7hZy1xh2ENvOqqBvO4
	+KWjdT4m1D66yYhUhknZqBzD9LNDTQlGCs7Z0=
X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLDup6E67mzuYROBqDwsVk=
X-RZG-CLASS-ID: mo00
Received: by mail-yw0-f181.google.com with SMTP id r85so5450188ywg.1
        for <internals@lists.php.net>; Fri, 08 Sep 2017 00:57:02 -0700 (PDT)
X-Gm-Message-State: AHPjjUj4HWVajg1NBfp3elNAH1wJXyH/a8iIaAhUPN1n/9eW4lN/uJLQ
	JoA5Xf4TRR7q2KDGHqSYWkEkFOek2A==
X-Google-Smtp-Source: AOwi7QCsQgbhyBiCK3WV8QjdYE296vnsN9aS19iBfGeQmZGPSEiYkvP/bWoODXBH1XodXiP6385sM09nhnaWdBITQfY=
X-Received: by 10.37.162.143 with SMTP id c15mr1753423ybi.166.1504857421457;
 Fri, 08 Sep 2017 00:57:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.224.146 with HTTP; Fri, 8 Sep 2017 00:57:00 -0700 (PDT)
In-Reply-To: <CAGa2bXa8aGZeLd31fAHVwSu6jX=7=7PjfP1-kY3NX+1X-12uJQ@mail.gmail.com>
References: <CAGa2bXbDNe-ruMrkv=gTcq8x_jfuQCjOhzzTRsKy4VdVkOyaWQ@mail.gmail.com>
 <CAGa2bXZdRG+WxQwY3Be7Jg1WChikrbfk76ZSkG2xS=fyxHG=kA@mail.gmail.com>
 <CAPhkiZy+z+JLm-b3rNm-ASiLPBey4kr7kO-D6fOp0ur7K2GNgA@mail.gmail.com> <CAGa2bXa8aGZeLd31fAHVwSu6jX=7=7PjfP1-kY3NX+1X-12uJQ@mail.gmail.com>
Date: Fri, 8 Sep 2017 09:57:00 +0200
X-Gmail-Original-Message-ID: <CANUQDCh-gmEVMM4h=fDF1DyS3t-u2B=Gs1TG6deAR8f27AsCkQ@mail.gmail.com>
Message-ID: <CANUQDCh-gmEVMM4h=fDF1DyS3t-u2B=Gs1TG6deAR8f27AsCkQ@mail.gmail.com>
To: Yasuo Ohgaki <yohgaki@ohgaki.net>
Cc: Andrey Andreev <narf@devilix.net>, "internals@lists.php.net" <internals@lists.php.net>, 
	Nikita Popov <nikita.ppv@gmail.com>
Content-Type: multipart/alternative; boundary="089e0828e4240b30080558a8ecd7"
Subject: Re: [PHP-DEV] Re: hash_hkdf() signature and return value
From: me@kelunik.com (Niklas Keller)

--089e0828e4240b30080558a8ecd7
Content-Type: text/plain; charset="UTF-8"

>
> Note for others:  "The extract step in HKDF can concentrate existing
> entropy
>  but cannot amplify entropy." is not came from the RFC. If a RFC states
> this I would be stunned. Please read on you'll see the evidence.
>

This is ridiculous. Be stunned. It's right in the section about
applications of HKDF: https://tools.ietf.org/html/rfc5869#section-4, in the
middle of the second paragraph.

Please stop, it's enough.

Regards, Niklas

--089e0828e4240b30080558a8ecd7--