Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:61260 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 3869 invoked from network); 15 Jul 2012 23:19:06 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 15 Jul 2012 23:19:06 -0000 Authentication-Results: pb1.pair.com smtp.mail=alex.aulbach@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=alex.aulbach@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.160.42 as permitted sender) X-PHP-List-Original-Sender: alex.aulbach@gmail.com X-Host-Fingerprint: 209.85.160.42 mail-pb0-f42.google.com Received: from [209.85.160.42] ([209.85.160.42:40634] helo=mail-pb0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 2E/41-20866-9EF43005 for ; Sun, 15 Jul 2012 19:19:06 -0400 Received: by pbbrp12 with SMTP id rp12so10034466pbb.29 for ; Sun, 15 Jul 2012 16:19:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=mx7mqAAp5Ljw5ZdMH4o/vXckP8CuVQMaqtMcrUrB7BU=; b=FFoYBdR+Xv26jxnEKDNeMYjRbmPcCkvLT7jxVjp8IwD6R1VF8Z8uwWK5WvHSV+dbLt JYiJzjKW3eTYo6F0/Xk86JSkBkEjzPoNxkQKN8mpy8GVnad8C3zm8f38pP70sQU+M9Ag 0KAkD0SUJQTuGWYP32Fq6wISDa4riLvxVmkw3xWnvZ8R/1+iJLSOOT7d6B+zkXdU3nii XOlj1g4QYabnJ9jnFwh8R9vSIH3DOzqxOes2fNwIYfwVzh8Yk4fZNoMxd6eBVaLjTsib f/e/yJF3KhZ+2093gX+ulUwUFb/B9obuYlOoQeUE4sNcUpKIFcwbz+UY2LasTKDyn9TE DaFw== MIME-Version: 1.0 Received: by 10.68.130.9 with SMTP id oa9mr22359722pbb.95.1342394342319; Sun, 15 Jul 2012 16:19:02 -0700 (PDT) Received: by 10.68.31.7 with HTTP; Sun, 15 Jul 2012 16:19:02 -0700 (PDT) In-Reply-To: <50033454.6080100@gmail.com> References: <4FFFF84D.9070202@rotorised.com> <5000990F.30105@gmail.com> <50033454.6080100@gmail.com> Date: Mon, 16 Jul 2012 01:19:02 +0200 Message-ID: To: =?ISO-8859-1?Q?=C1ngel_Gonz=E1lez?= Cc: internals Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] [PROPOSED] password_hash RFC - Implementing simplified password hashing functions From: alex.aulbach@gmail.com (Alex Aulbach) Ok. I think, I go too much off topic. Sorry. But I want to repeat - we never know in which context the program will run. And good security means, thait it shouldn't care, in which context it runs. - everything, which can go wrong will go wrong (Murphy); if there is any chance to make it wrong, there will be someone, which make it wrong. (and in this case they will point to PHP: "see, I have said it is unsecure..." :) ). - in security context this means: The hashes will be stolen/we can login without password etc. - No documentation or any other thing can prevent that - So we need to do everything, which is possible to avoid it. The best thing would be, that we can guarantee, that it is not possible. - As positive side-effect we can have more possibilities in PHP :) More off topic: Let me explain that last sentence: I dont know exactly how this can be implemented, but I think every warning, error and so on could be an exception instead. Just an idea, but I think this can remove complexity, because - even if I think the current error-handling is quite well designed - it is a source of sercurity-problems (and some other more or less ugly things). I think about a default exception-handling which can be overridden (like the error-handlers). Could be an interesting concept. :) And of course its something which needs time. -- Sevus Alex Aulbach