Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:87638 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 45076 invoked from network); 5 Aug 2015 04:53:48 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 5 Aug 2015 04:53:48 -0000 Authentication-Results: pb1.pair.com smtp.mail=me@kelunik.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=me@kelunik.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain kelunik.com from 81.169.146.221 cause and error) X-PHP-List-Original-Sender: me@kelunik.com X-Host-Fingerprint: 81.169.146.221 mo4-p00-ob.smtp.rzone.de Received: from [81.169.146.221] ([81.169.146.221:22615] helo=mo4-p00-ob.smtp.rzone.de) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 72/79-11835-AD691C55 for ; Wed, 05 Aug 2015 00:53:48 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1438750423; l=2549; s=domk; d=kelunik.com; h=Content-Type:Cc:To:From:Subject:Date:References:In-Reply-To: MIME-Version; bh=wEdQ3aTIQG1brKpKfCvBQQPnXgqPAFmYooMO/MawJWw=; b=nuRWeSZd6ctuLvSpXbb3sxqed98wFelbhP0ZpgGs2o5smXdFOgG6NAtq/cEbp3LH/O8 hJXeDo+P0TvAFvDh8a4F6YlwJsStfEF7qBWlEJu2hgmPKh/ZqmRmieKDBjQ/YAEJHuf2N MAjXadoODUfJwKLkocKCKdNwf1ny8NPIdU4= X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLDup6E67mzuoNNBqD/sK4= X-RZG-CLASS-ID: mo00 Received: from mail-wi0-f170.google.com ([209.85.212.170]) by smtp.strato.de (RZmta 37.8 AUTH) with ESMTPSA id e0541ar754rhz4i (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate) for ; Wed, 5 Aug 2015 06:53:43 +0200 (CEST) Received: by wicgj17 with SMTP id gj17so176485016wic.1 for ; Tue, 04 Aug 2015 21:53:43 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.194.60.226 with SMTP id k2mr15137155wjr.10.1438750423799; Tue, 04 Aug 2015 21:53:43 -0700 (PDT) Received: by 10.27.204.197 with HTTP; Tue, 4 Aug 2015 21:53:43 -0700 (PDT) In-Reply-To: <55C15F1B.9010401@gmail.com> References: <55C0685E.2070202@gmail.com> <55C15F1B.9010401@gmail.com> Date: Wed, 5 Aug 2015 06:53:43 +0200 Message-ID: To: Stanislav Malyshev Cc: Scott Arciszewski , PHP Internals Content-Type: multipart/alternative; boundary=047d7bacbed6ee5fd3051c892fb0 Subject: Re: [PHP-DEV] PHP 7.1 Cryptography Projects From: me@kelunik.com (Niklas Keller) --047d7bacbed6ee5fd3051c892fb0 Content-Type: text/plain; charset=UTF-8 > > So my question here is - how important task is switching crypto backends > easily? Moreover, what would be the reason for me, as an app developer, > to target more than one crypto backend? I can see why I may want to > target mysql and say, SQL server - these two platforms have different > advantages, etc. But if OpenSSL works for my app, why would I need to > support any other backend? Do I have a chance of a client saying "oh, we > don't run apps using OpenSSL, only libsodium"? Abstraction is a nice > thing, but in this case I'm not sure about the added value. Of course, > if crypto library goes out of support - like mcrypt - it can be handy, > but given that each library probably will have own peculiarities, I'm > not sure abstraction would allow for clean switch anyway. Yes, it's important if libraries are abandoned or you want to switch to another backend, because you finally decided you don't want to trust OpenSSL anymore. Regards, Niklas --047d7bacbed6ee5fd3051c892fb0--