Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:91882 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 57507 invoked from network); 24 Mar 2016 02:26:51 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 24 Mar 2016 02:26:51 -0000 Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.46 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.213.46 mail-vk0-f46.google.com Received: from [209.85.213.46] ([209.85.213.46:34326] helo=mail-vk0-f46.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id A7/82-36618-96053F65 for ; Wed, 23 Mar 2016 21:26:50 -0500 Received: by mail-vk0-f46.google.com with SMTP id e185so42357148vkb.1 for ; Wed, 23 Mar 2016 19:26:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=QSFsopmG22TMBWr8w+xiZZfVde57Ule/V7WFUvxYogw=; b=EgZ7U+gVyzebyPgvaFggxWQA1qRoHn3nFOfXdf3bTIme4LNi6ap/1ajJxN1iWx/tO/ 4CZWQuM0NcdGemLZgf2lqoq1BOiVhF1sEcJC2Xp3UTaMwsgRyKwRceQ/k/UKBDRF6Czs 07bnF2z0tgQX/2Y+QsjYKgAgTakH+C8c/0A5Mw90ghe0OSbv7OyCb6wuCg+VA7G+j8Br pJNrXT9THlCR/hmE9CbRU0Bb2KJ3bu0R750FGzIh8be5fkGyWFXYJwRGhs2XlDZub2rt /Q7hDLxXJ4Jr08nQtBGbs6eDd+bZ9kGISXzobmiDauAqpQtPzmoNgmJOwyIGVrGWRXOm PSLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to; bh=QSFsopmG22TMBWr8w+xiZZfVde57Ule/V7WFUvxYogw=; b=Cs+Wo4BwtKmacXaAG700yHMNt79V73PFoPPJF4zvEi0zTqXRzMvcVFVXEi2rroqV8g SPffzdFhVBqllf0WMLtQTOOerqKw6p0kgjALLeNFUMc4NCUNrj4LZ9SmwuonxZruFW8E NLyrOV3z1gPQKXdjbO2e4KOMsqOwiVE9pwinYAGllRLIUMR0u/PclPkMddwaN7Ma28JB ujTG8CuKWThLDW4Fh42/+Hcn+3nNAzg6kbeDHBeP4PF4CJX8nNgQG+7AfFN1FA2h4aca 9Ad2joXIbNb/M9oT9kAXJ/fEOwN91RoSJyvyisSyubynvwnmQreIvRs/jl3cU097HSAG PK3A== X-Gm-Message-State: AD7BkJKvG8XqW0XWxHt7J2KJjwooKlxSrWMVhkH5y2JSaJ+C6UY9pfMnzrdZd58BeRmqDvDdj+elqzuFBhmd0g== X-Received: by 10.31.146.5 with SMTP id u5mr2772971vkd.19.1458786407016; Wed, 23 Mar 2016 19:26:47 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.159.40.98 with HTTP; Wed, 23 Mar 2016 19:26:07 -0700 (PDT) In-Reply-To: References: Date: Thu, 24 Mar 2016 11:26:07 +0900 X-Google-Sender-Auth: la-DZckGrwpQaCfB1t5-ursgevw Message-ID: To: "internals@lists.php.net" Content-Type: text/plain; charset=UTF-8 Subject: Re: [RFC Discussion] Precise session management From: yohgaki@ohgaki.net (Yasuo Ohgaki) Hi all, On Sun, Feb 14, 2016 at 9:49 AM, Yasuo Ohgaki wrote: > It's been long time since the first proposal. Since session > module is important module for Web apps, I would like to > hear opinions for this RFC once again before vote. > > RFC > https://wiki.php.net/rfc/precise_session_management > > PR > https://github.com/php/php-src/pull/1734 > > Thank you. Vote is over and the result is 15 in favor and 11 against. It's over half of votes, but I set 2/3 to pass, so we have to come up to other solution for current session management problems. I'm looking forward to hear alternatives from people vote against this RFC. Issues are - Prevent race conditions. - Prevent session data from abuse. (Stolen session including forever) These are allowed with current session module. Thank you! -- Yasuo Ohgaki yohgaki@ohgaki.net