Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:71899 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 65205 invoked from network); 31 Jan 2014 21:48:35 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 31 Jan 2014 21:48:35 -0000 Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.174 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.217.174 mail-lb0-f174.google.com Received: from [209.85.217.174] ([209.85.217.174:49812] helo=mail-lb0-f174.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 23/62-54292-23A1CE25 for ; Fri, 31 Jan 2014 16:48:35 -0500 Received: by mail-lb0-f174.google.com with SMTP id l4so3809974lbv.5 for ; Fri, 31 Jan 2014 13:48:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=xf/vPmtkxwDDL7u4ENCnkbXmwpYaq4wHX1VqLfh/Q/4=; b=xvsGxWBnLvduNbX/NC4ZyoFHX0hv4geiCK3/BptaFIwqqEM6bssWkYS/E0S/ZodMH4 CwfBXCEU+BQj/dyuUIsGVaNjmpF0SqWQeB0DMkhi7RwWzD8ygQ9mPUWyJRPq+pk5QC0u JbhoH0pAowJF9/HvHGS7Fdle3CiEiFRaIkNuv/t2v86RzqyL5fADkDi4Rzkkkfnu1RuR ZaMAPtozCXXwf5BSnPNiFCcnl66FKYrpCbEv0GDQ6qdcvGp/SVUW+oT7V2PZlDIdXQlq JRtmahNbqXiB2Rv4PGlvSSctlH537AU3RHR4WSWWTM2/e5FMvCF/kjhSx6s9sep7r0C1 bdkA== X-Received: by 10.152.170.232 with SMTP id ap8mr2874047lac.40.1391204910789; Fri, 31 Jan 2014 13:48:30 -0800 (PST) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.112.199.37 with HTTP; Fri, 31 Jan 2014 13:47:50 -0800 (PST) In-Reply-To: References: <824758DB-57D8-4B4B-BECD-E1F12531FDE0@rouvenwessling.de> Date: Sat, 1 Feb 2014 06:47:50 +0900 X-Google-Sender-Auth: DsnnJRmGNisvncphIwaSdH1ya1I Message-ID: To: Daniel Lowrey Cc: =?UTF-8?Q?Rouven_We=C3=9Fling?= , =?UTF-8?Q?P=C3=A1draic_Brady?= , "internals@lists.php.net" Content-Type: multipart/alternative; boundary=089e0117769184770404f14b2250 Subject: Re: [PHP-DEV] Improved TLS Defaults From: yohgaki@ohgaki.net (Yasuo Ohgaki) --089e0117769184770404f14b2250 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Daniel, On Fri, Jan 31, 2014 at 2:17 AM, Daniel Lowrey wrote: > On Thu, Jan 30, 2014 at 12:11 PM, Rouven We=C3=9Fling >wrote: > > > > > On 30.01.2014, at 04:15, Daniel Lowrey wrote: > > > > As I mentioned in the updated RFC > > text I think it makes sense to deprecate the specific wrappers in 5.6 a= nd > > look to remove them in 5.7 as they're really unnecessary in light of th= e > > ability to specify flags for the specific individual protocols you wish > to > > use on a given stream. > > > > > > Please don't. By deprecating in 5.6 and removing in 5.7 (which would be > > faster than anything before) you'd royally screw everyone skipping a > > version - something that gets increasingly likely with the faster relea= se > > cycle. > > > > I'd suggest deprecating them now with this RFC and remove it in PHP 6, = if > > PHP6 doesn't come around they could still be removed in a future RFC. > > > > Best regards > > Rouven > > > > Sounds good to me. Will update the RFC for deprecation of the sslv2:// an= d > sslv3:// stream wrappers in 5.6 with removal planned for PHP 6. > I agree that obsolete protocol should be deprecated. However, removal is totally different. I would like to have *long* period before removing any feature from PHP whenever it is possible. It could be used as toy for security experiments as well as for incredibly old internal servers never updated. Perhaps, remove them for PHP 7 or even 8? Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net --089e0117769184770404f14b2250--