Newsgroups: php.internals
From: fsb@thefsb.org (Tom Worster)
Date: Sun, 08 Feb 2015 10:44:04 -0500
To: php-internals, Yasuo Ohgaki, Pierre Joye
Subject: Re: [PHP-DEV] Security changes in PHP 7

Hi Yasuo, Pierre,

Thank you both for the updates.

I expect the vote to remove mcrypt can be shifted towards "yes" if some campaigning effort is made. I made a start in another thread.

Assuming that mcrypt goes, as it should, we are left with a problem. The PHP user doesn't have a platform-independent way to get pseudo-random bytes for crypto. OpenSSL's RNG is not to be trusted. If the user knows this (I wouldn't bet on it) then she has to resort to accessing the platform RNG directly. On Unix-like systems it is technically easy but much confusion is caused by the Linux man page with its myth that urandom is unsafe for crypto. On Windows I just have no idea how the user might proceed.

So I really think the "Reliable, userfriendly RNG APIs" idea in the wiki is very important.

Tom
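
The direct platform-RNG access on Unix-like systems that the message above refers to, as an added example that is not part of the original message or of PHP itself. The helper name platform_random_bytes() is hypothetical, and the code assumes a Unix-like host with /dev/urandom; it does not cover Windows.

```php
<?php
// Added example: read bytes for crypto use from the Unix platform RNG.
// platform_random_bytes() is a hypothetical helper name, not a PHP built-in.
function platform_random_bytes($length, $device = '/dev/urandom')
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }
    $fp = @fopen($device, 'rb');
    if ($fp === false) {
        throw new RuntimeException("cannot open $device");
    }
    // Check the opened handle, not the path, so the test cannot be raced:
    // refuse anything that is not a character device (for example a regular
    // file placed at that path inside a chroot or container).
    $st = fstat($fp);
    if ($st === false || ($st['mode'] & 0170000) !== 0020000) {
        fclose($fp);
        throw new RuntimeException("$device is not a character device");
    }
    // Turn off PHP's read buffering so no more kernel output than requested
    // is pulled into process memory.
    stream_set_read_buffer($fp, 0);

    $bytes = '';
    while (strlen($bytes) < $length) {
        $chunk = fread($fp, $length - strlen($bytes));
        if ($chunk === false || $chunk === '') {
            // Fail closed: never return fewer bytes than asked for.
            fclose($fp);
            throw new RuntimeException("short read from $device");
        }
        $bytes .= $chunk;
    }
    fclose($fp);
    return $bytes;
}

// Usage: 16 bytes, e.g. for an IV; hex-encoded here for display only.
echo bin2hex(platform_random_bytes(16)), PHP_EOL;
```

The helper throws rather than falling back to a weaker source such as mt_rand(), so a missing or replaced device surfaces as an error instead of as predictable output.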