Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:120670
Return-Path: <nikita.ppv@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 6776 invoked from network); 24 Jun 2023 13:56:33 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 24 Jun 2023 13:56:33 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 432231804D0
	for <internals@lists.php.net>; Sat, 24 Jun 2023 06:56:30 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <nikita.ppv@gmail.com>
Received: from mail-ed1-f48.google.com (mail-ed1-f48.google.com [209.85.208.48])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sat, 24 Jun 2023 06:56:29 -0700 (PDT)
Received: by mail-ed1-f48.google.com with SMTP id 4fb4d7f45d1cf-50d897af77bso297212a12.1
        for <internals@lists.php.net>; Sat, 24 Jun 2023 06:56:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20221208; t=1687614988; x=1690206988;
        h=subject:to:from:date:references:in-reply-to:message-id:mime-version
         :user-agent:feedback-id:from:to:cc:subject:date:message-id:reply-to;
        bh=M+/vYncgRwzsWPXmwzqLYFFUHswxnvXcCxYXG2+HKL0=;
        b=F2AL3SeAReqY79pcYONEgCQHZFyOQm/e1dInWINsasRHkHEWC2JiW8Vi8rVo+LJrDS
         CQQuDcuytvil+pkPxasW1o3qd04AOainnfbYBbKs/5Fd0lnWaR3/Bo9THAhYEs6bMR38
         2ckTCQgGnhc9R8LMLKBK96w/raW7z1T05Za+9whc9L76/WRmL8Sr+bg+t1Y9Qatprujh
         rqIcFr+8g28qpGYcGR2pkaoRd28r2nb5+rlPIkJfcK4fv1YbtYAr80hd2OZ9fksibtrY
         5oi3eScJ6B3DIZPnCSprWBy8rVZQDW4Y85B3mC/g/3ptC3flcvCtPJGx1ouqLAC1486G
         DnbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1687614988; x=1690206988;
        h=subject:to:from:date:references:in-reply-to:message-id:mime-version
         :user-agent:feedback-id:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=M+/vYncgRwzsWPXmwzqLYFFUHswxnvXcCxYXG2+HKL0=;
        b=J+4647I4+9QaDEhMKFVjDzjEzoN4vTab1oLEBssuTpoZBSSjwa8u66f02sD4BCP/BG
         uYcDaouViOrmavK8qIJC1/2ih7PexhTa1pffQ3XKMy/SQPBqz7xFgFpMWGXel3OhALhx
         La5TYPgnCkmRKXHFyxuU788PCa7Kz1bw4oA689F/Tl1RohBjkCFdxxszwIo4rXSV0Dli
         wJP5ck5FZ9GA6iLcs6D5BNbnoZLj83Vqor/wltTku60dF25Bgv8z0y+jUBK5Vf2sujrr
         r1o/tpDSRL6OjgKvNIefZ1pg2vJe5ssexcR+6xrn9x2NyUK9MM9vaVwMFsGzfZvVB2gR
         Fkag==
X-Gm-Message-State: AC+VfDxrJpGMmGnQhkXDB32tjeKI91HWHL/tnYFqBSubStN+LQDFZ05O
	9JCqzjKbgZru2Ttm2/55LE6CXCMNgJc=
X-Google-Smtp-Source: ACHHUZ4rLr/xAW9l7UcoPoOhgA3fJArbVHGlIYJYfoWtist6QO8nz2QMSwImi8NFQcBQUQnVxibFvg==
X-Received: by 2002:a05:6402:4403:b0:51d:806e:4f3e with SMTP id y3-20020a056402440300b0051d806e4f3emr1216688eda.1.1687614988006;
        Sat, 24 Jun 2023 06:56:28 -0700 (PDT)
Received: from auth2-smtp.messagingengine.com (auth2-smtp.messagingengine.com. [66.111.4.228])
        by smtp.gmail.com with ESMTPSA id e5-20020a056402148500b0051879c4f598sm689260edv.66.2023.06.24.06.56.26
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 24 Jun 2023 06:56:27 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
	by mailauth.nyi.internal (Postfix) with ESMTP id E6AD627C0054;
	Sat, 24 Jun 2023 09:56:25 -0400 (EDT)
Received: from imap48 ([10.202.2.98])
  by compute2.internal (MEProxy); Sat, 24 Jun 2023 09:56:25 -0400
X-ME-Sender: <xms:CfaWZKDAlibfVro-WGhToQf_HSp4IHUzItaEnRJpjFXrJRcHx7RiUA>
    <xme:CfaWZEjgtXrOBZtea1CjdVGHKsSQhE1k_N__aDl8aNFX_IqbEuhXtbP-5AkVlkOFK
    ynncBTkKbJJeeAy25U>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrgeegjedgjedtucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
    cujfgurhepofgfggfkjghffffhvffutgesrgdtreerreerjeenucfhrhhomhepfdfpihhk
    ihhtrgcurfhophhovhdfuceonhhikhhithgrrdhpphhvsehgmhgrihhlrdgtohhmqeenuc
    ggtffrrghtthgvrhhnpeetgeevgedtgfehhffhheefvdefuddtkedtheelueevgffhueeg
    gfelgfeguefgjeenucffohhmrghinhepphhhphdrnhgvthdpvgigthgvrhhnrghlshdrih
    honecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhgr
    ihhlodhmvghsmhhtphgruhhthhhpvghrshhonhgrlhhithihqddufedufeeludekheeiqd
    dvheekvdegheeikedqnhhikhhithgrrdhpphhvpeepghhmrghilhdrtghomhesnhhpohhp
    ohhvrdgtohhm
X-ME-Proxy: <xmx:CfaWZNmGsdBP2ROytjIbr7ApGUG-PpaFEsk1D8EFsCYSlusZ3fv1yw>
    <xmx:CfaWZIzMrB03uX8OI0ht4Z6esY2pY_jjwj__P1jStv9JwUWThckO1Q>
    <xmx:CfaWZPSjrBfT_oKErnsyjQ0BObbN-xDJ75MJBIFrdJrGuhU5PXeQIg>
    <xmx:CfaWZCPU6lnaaFMC_dUStUK5BX2E_NiQqK3VnMLfHkn8DPm6ck9Dzw>
Feedback-ID: id4a9467a:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501)
	id 22FD131A0063; Sat, 24 Jun 2023 09:56:25 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.9.0-alpha0-499-gf27bbf33e2-fm-20230619.001-gf27bbf33
Mime-Version: 1.0
Message-ID: <6e42df4a-1331-4a88-bf67-2e4079a8b527@app.fastmail.com>
In-Reply-To: 
 <CAH5C8xU7j-Qn9Vcry19Ug675CTj0sSjpMs-GPNYNHJJ7KsPwXg@mail.gmail.com>
References: 
 <CAH5C8xU7j-Qn9Vcry19Ug675CTj0sSjpMs-GPNYNHJJ7KsPwXg@mail.gmail.com>
Date: Sat, 24 Jun 2023 15:55:45 +0200
To: =?UTF-8?Q?M=C3=A1t=C3=A9_Kocsis?= <kocsismate90@gmail.com>,
 "Levi Morrison" <internals@lists.php.net>
Content-Type: multipart/alternative;
 boundary=7d66d8cc2fdf433897eaf07be8ba7491
Subject: Re: [PHP-DEV] [RFC] [Vote] PHP 8.3 deprecations
From: nikita.ppv@gmail.com ("Nikita Popov")

--7d66d8cc2fdf433897eaf07be8ba7491
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable

On Thu, Jun 22, 2023, at 12:14, M=C3=A1t=C3=A9 Kocsis wrote:
> Hi Everyone,
>=20
> As previously announced on the list, we have just started the vote abo=
ut
> the annual PHP deprecation RFC.
>=20
> Link to the RFC: https://wiki.php.net/rfc/deprecations_php_8_3
> Link to the discussion thread: https://externals.io/message/120422
>=20
> The vote is open until 2023-07-06 12:00:00 UTC.

I've voted No on the mt_rand() deprecation proposal. This is a high impa=
ct deprecation without sufficient justification.

I believe this proposal would have been much better served deprecating o=
nly the srand() and mt_srand() functions, as I previously suggested. Goi=
ng through the arguments against mt_rand() in the RFC:
> They are not cryptographically secure.

This is a feature, not a bug. Not everything needs or wants cryptographi=
cally secure random numbers. There's a reason we support both.

> They are not properly reproducible, because the state could be changed=
 unpredictably by any function call, e.g. when a library is updated and =
adds additional calls to `mt_rand <http://www.php.net/mt_rand>()`.

This is addressed by deprecating mt_srand() only, making Randomizer the =
only way to get reproducible random number sequences, and relegating mt_=
rand() to only the cases where reproducibility is not required.

> Any function calling `mt_srand <http://www.php.net/mt_srand>()` with a=
 fixed seed for whatever reason, will ruin randomness for the remainder =
of the request.

Deprecating (and removing) mt_srand() address this one trivially.

> PHP's Mt19937 implementation only supports passing a single 32 bit int=
eger as the initial seed. Thus there are only ~4 billion possible sequen=
ces of random integers generated by Mt19937. If a random seed is used, c=
ollisions are expected with 50% probability after roughly 2**16 seeds (a=
s per the birthday paradox). In other words: After roughly 80000 request=
s without explicit seeding it is likely that a seed and thus a sequence =
is reused.

Deprecating (and removing) allows us to address this as well, as we are =
no longer bound to a specific PRNG algorithm or seeding procedure.

> Both the quality of the returned randomness as well as the generation =
performance of Mt19937 is worse than that of the Xoshiro256StarStar and =
PcgOneseq128XslRr64 engines that are provided in the object-oriented API.

Same as previous point: If we don't allow seeding we can change the algo=
rithm however we like.

> They are functions with overloaded signatures <https://wiki.php.net/rf=
c/deprecate_functions_with_overloaded_signatures>, which are problematic=
 for the reasons outlined in the =E2=80=9CDeprecate functions with overl=
oaded signatures <https://wiki.php.net/rfc/deprecate_functions_with_over=
loaded_signatures>=E2=80=9D RFC.

While this is technically true, the particular overload in question here=
 is a very mild and unproblematic one. It only enforces that the functio=
n is called with zero or two arguments, forbidding one argument. It does=
 not require accepting different combinations of argument types, or chan=
ge the meaning of arguments, which is what makes overloads problematic.


I think the only somewhat sound motivation for this deprecation is that =
programmers may use the non-cryptographic mt_rand() in a context where c=
ryptographic numbers are required. This is a legitimate concern, but I d=
on't think it's sufficient to deprecate such a widely used function.

For the longest time, we only had mt_rand(), and no easy access to a CRP=
RNG. A lot of mt_rand() misuse dates back to that time. Since the introd=
uction of random_int() and random_string(), getting cryptographic random=
ness is no harder than getting non-cryptographic randomness (easier, in =
the case of strings).

Regards,
Nikita
--7d66d8cc2fdf433897eaf07be8ba7491--