Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:82154
Return-Path: <fsb@thefsb.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 14726 invoked from network); 8 Feb 2015 17:48:44 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 8 Feb 2015 17:48:44 -0000
Authentication-Results: pb1.pair.com header.from=fsb@thefsb.org; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=fsb@thefsb.org; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain thefsb.org designates 67.192.241.147 as permitted sender)
X-PHP-List-Original-Sender: fsb@thefsb.org
X-Host-Fingerprint: 67.192.241.147 smtp147.dfw.emailsrvr.com Linux 2.6
Received: from [67.192.241.147] ([67.192.241.147:53307] helo=smtp147.dfw.emailsrvr.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 05/26-15550-C71A7D45 for <internals@lists.php.net>; Sun, 08 Feb 2015 12:48:44 -0500
Received: from smtp31.relay.dfw1a.emailsrvr.com (localhost.localdomain [127.0.0.1])
	by smtp31.relay.dfw1a.emailsrvr.com (SMTP Server) with ESMTP id 97D653801DC;
	Sun,  8 Feb 2015 12:48:41 -0500 (EST)
Received: by smtp31.relay.dfw1a.emailsrvr.com (Authenticated sender: fsb-AT-thefsb.org) with ESMTPSA id D5300380149;
	Sun,  8 Feb 2015 12:48:40 -0500 (EST)
X-Sender-Id: fsb@thefsb.org
Received: from [10.0.1.2] ([UNAVAILABLE]. [73.4.147.142])
	(using TLSv1 with cipher DES-CBC3-SHA)
	by 0.0.0.0:465 (trex/5.4.2);
	Sun, 08 Feb 2015 17:48:41 GMT
User-Agent: Microsoft-MacOutlook/14.4.7.141117
Date: Sun, 08 Feb 2015 12:48:36 -0500
To: Leigh <leight@gmail.com>
CC: PHP internals <internals@lists.php.net>
Message-ID: <D0FD0B20.5D31B%fsb@thefsb.org>
Thread-Topic: [PHP-DEV] Security changes in PHP 7
References: <D0FBCF22.5D217%fsb@thefsb.org>
 <CAGa2bXavqvp5St5in4ckWamVO8GcpkBqH2KOXATLkaFrQa7t0w@mail.gmail.com>
 <D0FCE2B2.5D254%fsb@thefsb.org>
 <CAEZPtU5MR=6E86DfriM-Xo6bue6cTmcxBBv1yGd41-RwFmGKWQ@mail.gmail.com>
 <CAPwsocF3qWL2zVgBrtOQH4=ZxBvhVYf2JiOxbV2NYa1Utj0aMQ@mail.gmail.com>
In-Reply-To: <CAPwsocF3qWL2zVgBrtOQH4=ZxBvhVYf2JiOxbV2NYa1Utj0aMQ@mail.gmail.com>
Mime-version: 1.0
Content-type: text/plain;
	charset="UTF-8"
Content-transfer-encoding: 7bit
Subject: Re: [PHP-DEV] Security changes in PHP 7
From: fsb@thefsb.org (Tom Worster)

Hi Leigh,

On 2/8/15, 12:33 PM, "Leigh" <leight@gmail.com> wrote:
>
>Are we happy to accept that we'll lose access to some of mcrypts
>ciphers if we do this? I'd suspect most real world usage of php-mcrypt
>is to implement AES anyway, so most users would be covered.

I hope your suspicion is right.

I'd be happy to lose all but AES and Blowfish cyphers and CBC and CTR
modes.

Tom