Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:72159
Return-Path: <swhitemanlistens-software@cypressintegrated.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 95476 invoked from network); 4 Feb 2014 00:05:27 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 4 Feb 2014 00:05:27 -0000
Authentication-Results: pb1.pair.com smtp.mail=swhitemanlistens-software@cypressintegrated.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=swhitemanlistens-software@cypressintegrated.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain cypressintegrated.com designates 173.1.104.101 as permitted sender)
X-PHP-List-Original-Sender: swhitemanlistens-software@cypressintegrated.com
X-Host-Fingerprint: 173.1.104.101 rproxy2-b-iv.figureone.com  
Received: from [173.1.104.101] ([173.1.104.101:54233] helo=rproxy2-b-iv.figureone.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 3B/30-35654-7CE20F25 for <internals@lists.php.net>; Mon, 03 Feb 2014 19:05:27 -0500
Received: from bad.dop.co ([108.12.130.219])
        by rproxy2-b-iv.figureone.com (Brand New Heavy v1.0) with ASMTP id QCJ85820
        for <internals@lists.php.net>; Mon, 03 Feb 2014 16:05:20 -0800
Date: Mon, 3 Feb 2014 19:05:03 -0500
Reply-To: Sanford Whiteman <swhitemanlistens-software@cypressintegrated.com>
X-Priority: 3 (Normal)
Message-ID: <755946425.20140203190503@cypressintegrated.com>
To: =?utf-8?Q?P=C3=A1draic_Brady?= <internals@lists.php.net>
In-Reply-To: <CALwr1Gmy2amRoWPpfmY41LJboAqnJp0pFcgYN0owwuAy_6fP4g@mail.gmail.com>
References: <CAH8Mpn=Kw9CCmpiXm-UE2s=GKFroTGczTr=ENczuAeiTCH6QwQ@mail.gmail.com> <344075933.20140203143339@figureone.com> <CAH8MpnkuFDNzYi4enqqtQcmis08LyTWojV3DZrc_Mwim=aqvRQ@mail.gmail.com> <CAH8MpnnXag49Yw9yE2p=+h3X2caz6wwfiT8kLf8H_WxrwtjVNw@mail.gmail.com> <10337340.20140203171726@cypressintegrated.com> <CALwr1Gmy2amRoWPpfmY41LJboAqnJp0pFcgYN0owwuAy_6fP4g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Re: Windows Peer Verification
From: swhitemanlistens-software@cypressintegrated.com (Sanford Whiteman)

> Your blaming of PHP is significantly misplaced. It is not solely
> responsible for programmer malpractice. There are programmers out
> there, right this moment, with code all across Github doing one very
> unusual thing. They are deliberately disabling peer verification in
> cURL where it is enabled by default. They WILL do the same with PHP
> streams/sockets. The buck stops at the programmer's feet and that's
> it. All PHP can do is promote and encourage best practices, it can
> never enforce them.

So you don't agree with this patch? In that case I agree, you are
being fully consistent and this standpoint is quite convincing. If we
don't touch the language, we can affix blame solely to the user.

However my argument assumed the patch was accepted into the language.
_In that context_ it is foolish to say the language bears no
responsibility while at the same time making language changes so it
behaves "the way it should have been."

> There are programmers out there, right this moment, with code all
> across Github doing one very unusual thing. They are deliberately
> disabling peer verification in cURL where it is enabled by default

These aren't the programmers who are affected by the changing of
defaults. They are fully culpable.

-- S.