Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:60879
Return-Path: <indeyets@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 70812 invoked from network); 18 Jun 2012 16:04:04 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 18 Jun 2012 16:04:04 -0000
Authentication-Results: pb1.pair.com header.from=indeyets@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=indeyets@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.214.42 as permitted sender)
X-PHP-List-Original-Sender: indeyets@gmail.com
X-Host-Fingerprint: 209.85.214.42 mail-bk0-f42.google.com  
Received: from [209.85.214.42] ([209.85.214.42:35890] helo=mail-bk0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id F6/73-50426-3715FDF4 for <internals@lists.php.net>; Mon, 18 Jun 2012 12:04:04 -0400
Received: by bkcik5 with SMTP id ik5so4773248bkc.29
        for <internals@lists.php.net>; Mon, 18 Jun 2012 09:03:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=content-type:mime-version:subject:from:in-reply-to:date
         :content-transfer-encoding:message-id:references:to:x-mailer;
        bh=mScS2/tkSWJvuRz4RquhT8kwLCbFSxQ8sIxMDNmLjfI=;
        b=QAYleoDOWAXjWLWo33JgsZCRcb1ML3C1ucGul2RKE15W7d508YdhqaLfH2POP1m4e5
         PBW+SprOazQwGwT1SHjNzJw3VJyh2AJWuZ45kilKQ8RKOwD2M9jqSPT6BFXt/ji3Ll9T
         AowokXW/lslkCuH/LrxPa2MP8zmKldF5F/6xo+PG6dTio8zgSWInPn183dy50NVhp9QI
         V8uyP/dRNAy63KI/m9uQI1BxKII56JBiXI2NR4r8rxsOwbBxz/5HB0g1sDou8FqwjzRd
         9+DONHkduWDobKfA9R2Xd6+8TRVMmDDo0PWOF3Pj+PjbYyYZxLx84SCP6Qx7dkk/RPb+
         qLwg==
Received: by 10.152.131.9 with SMTP id oi9mr14893643lab.39.1340035439058;
        Mon, 18 Jun 2012 09:03:59 -0700 (PDT)
Received: from [192.168.1.84] ([94.230.167.225])
        by mx.google.com with ESMTPS id xx8sm27937596lab.10.2012.06.18.09.03.54
        (version=TLSv1/SSLv3 cipher=OTHER);
        Mon, 18 Jun 2012 09:03:57 -0700 (PDT)
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Apple Message framework v1278)
In-Reply-To: <CAEZPtU7scvZegC8udp2eM65hYGHX4F-B_109GPMrXETOBjpRWg@mail.gmail.com>
Date: Mon, 18 Jun 2012 20:03:47 +0400
Content-Transfer-Encoding: quoted-printable
Message-ID: <3D6D42AE-BA88-4BDE-A2E0-24270687A34A@gmail.com>
References: <CAF+90c-6VWJ_kBW=Z8Br-NOxKyuTkwStRg-OMBa6844w3=CjDA@mail.gmail.com> <8714BC2A-45E2-4303-9769-8399AF316159@gmail.com> <CAEZPtU6tXBgnTuGOfnjjFYyFJQ5iKpWX2Tq1U+wEaoyvBchW7A@mail.gmail.com> <3B162E01-67F6-4684-ACE7-40CAF73E9DC3@gmail.com> <CAEZPtU7scvZegC8udp2eM65hYGHX4F-B_109GPMrXETOBjpRWg@mail.gmail.com>
To: PHP internals <internals@lists.php.net>
X-Mailer: Apple Mail (2.1278)
Subject: Re: [PHP-DEV] Adding a simple API for secure password hashing?
From: indeyets@gmail.com (Alexey Zakhlestin)


On 18.06.2012, at 19:42, Pierre Joye wrote:

>>>> It is BSD-licensed, so we can easily bundle it with PHP
>>>=20
>>> Maybe nice to have in pecl.'
>>=20
>> Sure, that's an option, but pecl won't help php to have default =
"state-of-art" password hashing toolset ;)
>=20
> There is sadly only state-of-art-right-now password hashing methods.
> We have to keep that in mind :)

Sure. but SCrypt is tuneable. One can increase both CPU and RAM =
complexity and CPU complexity is set as function of time.
Which means, that if one upgrades CPU in his server, while leaving =
settings the same complexity will increase automatically.

This feature makes it future-proof to some degree. Well=85 until quantum =
computers become ubiquitous ;)=20=