Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:108460
Return-Path: <phpmailinglists@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 88981 invoked from network); 11 Feb 2020 13:05:15 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 11 Feb 2020 13:05:15 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id CE014180537
	for <internals@lists.php.net>; Tue, 11 Feb 2020 03:19:07 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <phpmailinglists@gmail.com>
Received: from mail-ot1-f54.google.com (mail-ot1-f54.google.com [209.85.210.54])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Tue, 11 Feb 2020 03:19:07 -0800 (PST)
Received: by mail-ot1-f54.google.com with SMTP id 66so9662354otd.9
        for <internals@lists.php.net>; Tue, 11 Feb 2020 03:19:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=wod8JIoJa44hiq8jTOybTz7SR56weBe7owd0NAjGeDk=;
        b=P6GtgHFWJbqCXtEoDszJ0iPfci/MgrOxVPGFrceGoBfW1BGCFMGHqdquOnNFG2xf49
         ebM/yNIOGiJ9tngRnW4FxNC0/BN/lQc0MN8Zx3yqckjfDWYZoFK/cxULez5UVT/D2YHV
         iL0IKkpSY4nJreIMzuSSFs9/yeWijvpA12fPn+DC1dzBKxWj7EZV/0RSOB5R6O5Lr4Hf
         8A1bnLOwQiDACWWeCuWNSz/qVj+rWESB/B09KS6XYoiIvJm+4dQ7onFBakoQIIjlHKsB
         OjUjsxK8Nmfqupk9IWcZmFgehXPNOWcjoIE6wf+0FRoSvk57wrxU9T84ny/x8Gj2t1ah
         vOJQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=wod8JIoJa44hiq8jTOybTz7SR56weBe7owd0NAjGeDk=;
        b=c4rqtZ/LSV7kVTCfmPHBRX26WxD3zuEJrURaZlcTe8OCqstIDmZvKleIu4zDeDD/XF
         LK351CcB53afFL1Gj3qNtoe9XuPLAD+YCFSyfi3NuT7OYswgPZo8zjLR4NYDivcYdvKO
         +o1Zr0qoPN3JXLWOaOgAK1pyKVqXoCsREKPeiON3/P2Ll9nA0umkg7K1wAbOKJWJ5PN1
         /+iVDd3T17Uezd2nT1trPrCCQWXKxiaEIT/m79eH9swBAXxBfXcGazZ9fyaWMgmUQi8b
         YRGZ33Ix/wHTgkLK+VfNsmo/EznF9GWpKRi/61Ca/0fQ3vnYuILpQca1l/FWe7Iyh34Z
         BTBg==
X-Gm-Message-State: APjAAAVr1yNycEtTZyMjFp20XwIyqxPgW8HlOwmGb85AtCkwA7Gtzq5s
	yaFUHA1sCGwnD0YreNCe2I0p4TEK
X-Google-Smtp-Source: APXvYqwmyW8Hbk/5UL2Zkm4PfPpLEYUGfA/k+9afQBrDdM7Ku/vYRqYpdlk+1DpdjGS0rCqbvpAUGg==
X-Received: by 2002:a05:6830:114c:: with SMTP id x12mr4869762otq.324.1581419944912;
        Tue, 11 Feb 2020 03:19:04 -0800 (PST)
Received: from mail-ot1-f42.google.com (mail-ot1-f42.google.com. [209.85.210.42])
        by smtp.gmail.com with ESMTPSA id p65sm1033676oif.47.2020.02.11.03.19.04
        for <internals@lists.php.net>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 11 Feb 2020 03:19:04 -0800 (PST)
Received: by mail-ot1-f42.google.com with SMTP id r16so9730769otd.2
        for <internals@lists.php.net>; Tue, 11 Feb 2020 03:19:04 -0800 (PST)
X-Received: by 2002:a9d:6181:: with SMTP id g1mr4960695otk.104.1581419944169;
 Tue, 11 Feb 2020 03:19:04 -0800 (PST)
MIME-Version: 1.0
References: <CAN+C6bVeO4nU_3egiwhM0MML9NUJJB4oYgWVUo_bhJRPKUVpPQ@mail.gmail.com>
 <14a19b55-b7fa-5879-90cf-fc285c141ae8@allenjb.me.uk>
In-Reply-To: <14a19b55-b7fa-5879-90cf-fc285c141ae8@allenjb.me.uk>
Date: Tue, 11 Feb 2020 11:18:28 +0000
X-Gmail-Original-Message-ID: <CAJvSBVPsuNbP7-qfZ1myDv+E8QF+itzBm09x3DRkWi4FsSmvDw@mail.gmail.com>
Message-ID: <CAJvSBVPsuNbP7-qfZ1myDv+E8QF+itzBm09x3DRkWi4FsSmvDw@mail.gmail.com>
To: AllenJB <php.lists@allenjb.me.uk>
Cc: Tom Van Looy <tom@ctors.net>, PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="00000000000003681c059e4b06d2"
Subject: Re: [PHP-DEV] [RFC] deprecate md5_file and sha1_file
From: phpmailinglists@gmail.com (Peter Bowyer)

--00000000000003681c059e4b06d2
Content-Type: text/plain; charset="UTF-8"

On Tue, 11 Feb 2020 at 09:34, AllenJB <php.lists@allenjb.me.uk> wrote:

> If you want to change the way developers think about hashing when
> writing PHP, I would start with the documentation rather than
> deprecating functions which are essentially aliases and are highly
> likely used all over the place in cases where they do exactly what
> people want.
>

I agree. It isn't wrong to use MD5 or SHA1 in the right situation (or even
CRC32). The documentation can tell people when they can use these
algorithms, and when they must not think about using them. Mark them in the
documentation as "RECOMMENDED DO NOT USE" and guide people away.

Peter

--00000000000003681c059e4b06d2--