Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:94381
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 68674 invoked from network); 5 Jul 2016 03:03:03 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 5 Jul 2016 03:03:03 -0000
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.218.42 as permitted sender)
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.218.42 mail-oi0-f42.google.com  
Received: from [209.85.218.42] ([209.85.218.42:35964] helo=mail-oi0-f42.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 8F/84-30328-5632B775 for <internals@lists.php.net>; Mon, 04 Jul 2016 23:03:02 -0400
Received: by mail-oi0-f42.google.com with SMTP id f189so213451749oig.3
        for <internals@lists.php.net>; Mon, 04 Jul 2016 20:03:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc;
        bh=J3AiO5tDuXp6FGT22ByYsctZZBj4yCmjJXOLW57r8Fo=;
        b=m8CR0te3DaOjW9XhA7gPwpKDApWBErHTAXQlpoHd1ypgFieYb9bdoFmIMpntC59Zip
         tMlj1obcPDhhsCRWTzWuZ4x9psaPshoZqcnn94HYNs0jEGK5MSZ+6m81s7vvTyXtYPWw
         jnIqkSY4ZQ9pEL3cwnL0+4qo6u9eODUVB9lsW+06NNMiDhbclR5HG2i3PpdfanzgB6Yq
         klnCx1N7D01A3nFw8LlXOF/CmRVPXq9rDumLG00o8vwx8rotdxdU5M2n75UXKIoUg00x
         GzXziX1mskNpyP1WKbWlWWZyIUxXDVKg2AI9HzR/A5numpLK9x8AQOaMoM+v4xHLIr5a
         uYmA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:date
         :message-id:subject:from:to:cc;
        bh=J3AiO5tDuXp6FGT22ByYsctZZBj4yCmjJXOLW57r8Fo=;
        b=R8M4uMBJWXGebWTQKHWVQbKMaqb5CxaaQr3+lEwKK/uwxBfGUOXOWWNVGrmnx2GBbG
         ffDn2n1Kh1kekUeYmvy4wvlSQXrr9hPa2avHPBIocgEC2BhrtSE49tjFTVLLC8Qvya7X
         aZ+k5bbpcFFgA/lxnL9QMSxlYWMYQgyYCnPW5PJ6+v3dr7wqDssxsf3nezeXwAVDtFos
         v+50aXU98gEGxKS26aB6e5Xk8ZVpFTVco/zAN0Ezh/3a0rFR+A0rFtTkFzKuQ1I8J47y
         Egj3JNp8QdvIL6gkt1Lclk2LbETexxYSSUs4azCx16UveeoV+5sTO8RGK0u9nkNAGOXB
         1ARg==
X-Gm-Message-State: ALyK8tIIZF3n2BlC83ZRVzxhM1U47b87NoYkAg9QMqZfUXfaMy8sF1gC6CoTTGEPMw2bTIiY1YX/0XpYTQoLnQ==
MIME-Version: 1.0
X-Received: by 10.202.76.77 with SMTP id z74mr8877714oia.33.1467687778216;
 Mon, 04 Jul 2016 20:02:58 -0700 (PDT)
Received: by 10.202.190.3 with HTTP; Mon, 4 Jul 2016 20:02:58 -0700 (PDT)
Received: by 10.202.190.3 with HTTP; Mon, 4 Jul 2016 20:02:58 -0700 (PDT)
In-Reply-To: <CAGa2bXa3o4FzQDGyU+=XHWoH59QjTJdJcjwch4=VdUUC7ZsD=w@mail.gmail.com>
References: <CAGa2bXaSkozJLLtycujwmHyas9TofRw5s6JzG0EQQvPyU0pxNQ@mail.gmail.com>
	<CAGa2bXZ=DiqQ4PozYntvGApZHdkjWyTBQhk_Udy5Y3_m0ry9Lw@mail.gmail.com>
	<a32232d3-006b-a7c2-0aa8-7f44509dfe69@gmail.com>
	<CAGa2bXa3o4FzQDGyU+=XHWoH59QjTJdJcjwch4=VdUUC7ZsD=w@mail.gmail.com>
Date: Tue, 5 Jul 2016 10:02:58 +0700
Message-ID: <CAEZPtU5RRGbUXJE7cHd2LuUmF5hiGDJAhGNKZ+_nRj1d+pHkZA@mail.gmail.com>
To: Yasuo Ohgaki <yohgaki@ohgaki.net>
Cc: danack@php.net, PHP internals <internals@lists.php.net>, 
	Stanislav Malyshev <smalyshev@gmail.com>
Content-Type: multipart/alternative; boundary=001a11c15d9ea974790536dab06d
Subject: Re: [PHP-DEV] Re: [RFC][VOTE] Session ID without hashing
From: pierre.php@gmail.com (Pierre Joye)

--001a11c15d9ea974790536dab06d
Content-Type: text/plain; charset=UTF-8

On Jul 5, 2016 6:14 AM, "Yasuo Ohgaki" <yohgaki@ohgaki.net> wrote:
>
> Hi Stas,
>
> Thank you for sharing opinion.
> Followings is mine.
>
> On Tue, Jul 5, 2016 at 7:23 AM, Stanislav Malyshev <smalyshev@gmail.com>
wrote:
> >> Could you share the reason why against this change?
> >
> > 1. I'm not sure exporting raw generator state is a good practice. I may
> > change my opinion on the subject if I hear from some security people
> > (I'm no crypto expert) that this is ok, then I may change my opinion.
>
> I think no one can guarantee security of CSPRNG on all platforms.
>
> "CS" means cryptographic safety and cryptographers recommends
> not to reinvent crypt related functions/features.
>
> > 2. Due to (1), I do not think it makes sense to do this change, because
> > we produce no benefit (session generation speed is not that important
> > since nobody generates millions of sessions at once) and create
> > potential problems.
>
> Current implementation is regenerating random hash string by using
>
>  - PID
>  - Time (Simple random function)
>  - CSPRNG when it is available

For clarification, it is always available. Php requires a valid one to be
built.

We can argue about the provided pnrng being CS but it is not php's job to
decide.

--001a11c15d9ea974790536dab06d--