Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:62947 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 96807 invoked from network); 11 Sep 2012 11:53:51 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 11 Sep 2012 11:53:51 -0000 Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.210.170 as permitted sender) X-PHP-List-Original-Sender: pierre.php@gmail.com X-Host-Fingerprint: 209.85.210.170 mail-iy0-f170.google.com Received: from [209.85.210.170] ([209.85.210.170:52326] helo=mail-iy0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id C4/31-24398-D462F405 for ; Tue, 11 Sep 2012 07:53:50 -0400 Received: by iamm10 with SMTP id m10so331235iam.29 for ; Tue, 11 Sep 2012 04:53:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=JW+ZOJBiMsMMgTLT9AiE0eEj5t3tGAAGQ1d9on6GcJ0=; b=DqhWAWx7cNNNlmesKOZiJDEQ3efd9VAcO6GtX5ZoA4fc/5GlF2hlJuzmUWChuDw7rc lqvBwIqLBYVO6pgQXk47Vnpgi03qZAcLPcD1rXr8cIBhyHyOTVJYwKU3QfDHPsVIokhF MQrSFd57k9RDpeVqzSA3BUpgQ60miOPytWgBwCclpdSqaUz/f+6rKD+gAGyhd3FpEd62 qfel3VqfFusSZRvxSmsvq3XMGrgekGdoH9iZ9LAmTQXqMAAsBckgltrS+u2YpV8xl1js XcDtpNiKwNTcG78MEhT/aj8ktHk3z3nHyMfGd0U6M4B5twkzF7cTZ+W7739+vBDzT/hK hRFw== MIME-Version: 1.0 Received: by 10.42.155.200 with SMTP id v8mr21230366icw.12.1347364427324; Tue, 11 Sep 2012 04:53:47 -0700 (PDT) Received: by 10.64.60.40 with HTTP; Tue, 11 Sep 2012 04:53:47 -0700 (PDT) In-Reply-To: References: <504E6862.4080608@sugarcrm.com> Date: Tue, 11 Sep 2012 13:53:47 +0200 Message-ID: To: Anthony Ferrara Cc: Stas Malyshev , Hannes Magnusson , "internals@lists.php.net" Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] [VOTE] Add simplified password hashing API From: pierre.php@gmail.com (Pierre Joye) hi, On Tue, Sep 11, 2012 at 1:41 PM, Anthony Ferrara wrote: > It's not the end of the world, because we can copy/paste that function into > the PECL extension, and just conditionally include it. There would be > duplication between the two, but it wouldn't be too bad... agreed. > Consider? Sure. But I'm not sure it's worth while. Stas brought up the > adoption point, which I think is the kicker. The target audience for this > API is not the type that usually has access to install PECL extensions. So > while some may use it as an extension, the majority who would significantly > benefit from it wouldn't be able to. So the benefit to releasing it as a > PECL extension would basically defeat the point... > > And to Stas's point about the PHP solution not being the same, I fail to > understand why. It's built using identical algorithms (translated from C to > PHP as best as possible). It's tested using the same tests with the only > difference surrounding error messages. Plus it's portable (can be used on > shared hosts). The only real difference is testing the PHP version doesn't > say anything to the *security* of the C version. But it does test the API > and the concept... distros will provide it and that's the kicker. Believe, in the beginning of the new ext/zip, having it pecl drastically improve the adoption through distros. Less now as we have frequent PHP releases (also why I do much more less pecl releases ;). Cheers, -- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org