Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:62573
Return-Path: <ircmaxell@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 26713 invoked from network); 28 Aug 2012 15:28:12 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 28 Aug 2012 15:28:12 -0000
Authentication-Results: pb1.pair.com smtp.mail=ircmaxell@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=ircmaxell@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.170 as permitted sender)
X-PHP-List-Original-Sender: ircmaxell@gmail.com
X-Host-Fingerprint: 209.85.217.170 mail-lb0-f170.google.com  
Received: from [209.85.217.170] ([209.85.217.170:41523] helo=mail-lb0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id E8/24-02511-A83EC305 for <internals@lists.php.net>; Tue, 28 Aug 2012 11:28:11 -0400
Received: by lbbgp3 with SMTP id gp3so3362184lbb.29
        for <internals@lists.php.net>; Tue, 28 Aug 2012 08:28:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=OZgt0V+XC6z+gMafZJndEtrZQcPW+AZvuWITDnH1Sco=;
        b=zAHcYLnPCZbzi1mBY2QkWwyHlK67fRLXCa6DSTul69k+vaU/Uq/4ciLUmFDRTlSv1l
         oUpmd6M5PZIJmNBg/TgV+rBN+SQ71cH7OkFaoDBAdG4Iyqx8QsKrqtrjq5vRPVOMo6Qo
         yslKQH+QWq52YGJ5Ilbz5q3xk5U+XqYUgsFcyi6yAVM2CXnQxAcQDsS1eCoZXQE4p1r5
         r6r2+leSvXTtb9apNnDKQtdAGtHXd/QO3ypaYnK6Tqfu2PcP7Gj3W1uStfkMawOBylJ6
         kOsBQEZqmUnYT/TP4j55ooTSz/XrzMwIw4g7Kaq5ybVWu7chosPE4hqARWd5HlR7b2f6
         h+Fg==
MIME-Version: 1.0
Received: by 10.112.104.3 with SMTP id ga3mr8214051lbb.77.1346167687362; Tue,
 28 Aug 2012 08:28:07 -0700 (PDT)
Received: by 10.114.22.1 with HTTP; Tue, 28 Aug 2012 08:28:07 -0700 (PDT)
In-Reply-To: <CAAyV7nFRT24rksh6iDWxstfQwJ4+KdEC7Zs6EC8wBtJ8Zorf7w@mail.gmail.com>
References: <CAAyV7nFRT24rksh6iDWxstfQwJ4+KdEC7Zs6EC8wBtJ8Zorf7w@mail.gmail.com>
Date: Tue, 28 Aug 2012 11:28:07 -0400
Message-ID: <CAAyV7nGbRzb5sMs3N7uz51d1c-2-2n51jfWYhZncstTv0GAtbA@mail.gmail.com>
To: internals@lists.php.net
Content-Type: multipart/alternative; boundary=14dae9d71976d037b604c855162d
Subject: Re: [PROPOSED] password_hash RFC - Implementing simplified password
 hashing functions
From: ircmaxell@gmail.com (Anthony Ferrara)

--14dae9d71976d037b604c855162d
Content-Type: text/plain; charset=ISO-8859-1

>
> Hello all,
>
> Since the discussion has died down around the concept, I have updated the
> RFC and moved it into Proposed (under discussion) status.
>
> I have updated the RFC to include a section on discussion points
> containing points that I know were raised but I felt were not closed (there
> was some debate or disagreement). I tried to include a simple description
> of both arguments, and the position the RFC currently takes and a brief
> reason why.
>
> https://wiki.php.net/rfc/password_hash
>
> Please have a look and provide any feedback!
>

I've removed the password_make_salt() function from being exposed and
updated the RFC to indicate such. It can be added as a later change if
needed.

I plan on opening the vote on this next week, so if there's anything else
anyone wants to discuss, please speak up!

Anthony

--14dae9d71976d037b604c855162d--