Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94854 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 2297 invoked from network); 5 Aug 2016 12:48:21 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 5 Aug 2016 12:48:21 -0000 Authentication-Results: pb1.pair.com header.from=charlesportwoodii@ethreal.net; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=charlesportwoodii@ethreal.net; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain ethreal.net designates 209.85.218.45 as permitted sender) X-PHP-List-Original-Sender: charlesportwoodii@ethreal.net X-Host-Fingerprint: 209.85.218.45 mail-oi0-f45.google.com Received: from [209.85.218.45] ([209.85.218.45:34112] helo=mail-oi0-f45.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 0C/4A-33134-31B84A75 for ; Fri, 05 Aug 2016 08:48:20 -0400 Received: by mail-oi0-f45.google.com with SMTP id l203so27926328oib.1 for ; Fri, 05 Aug 2016 05:48:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ethreal.net; s=google; h=mime-version:sender:from:date:message-id:subject:to; bh=V+PAuNe/upGHqhc1+drD+9biBD7fSu7jZeTJzbwL21s=; b=f4/7OmO/jmYT/RoY2gzwALRRsLblwGLokkVbUCUvK/+mkr+KRLOoqVy0U9ta0J7jel gCLy5T/cnQMdMMx6sWEFGt6YdZDzLLtnmjHiWpc1bApJju2JVrab0v0GbMJ2GFQuhcLr CcBsjTOnLpkhFDOSXKrHsjgeUvsCLuKyKOMMw= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=erianna.com; s=google; h=mime-version:sender:from:date:message-id:subject:to; bh=V+PAuNe/upGHqhc1+drD+9biBD7fSu7jZeTJzbwL21s=; b=K/ARLL8Pips1ofoGOtsC2AyeLDV5vgrugPW84Ea9GGJ/fzQmc6r3p4RcqmclteqnMj DtJlTDiXggX2ntaqsImVEH4yMRNqV9xDjO1URPa/e602jZEHQ2bSgUVEUKd7HLOppyRq KXqA9WqYHhIMVER9tqAMTtL4Kxo3wtlc8rUWM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=V+PAuNe/upGHqhc1+drD+9biBD7fSu7jZeTJzbwL21s=; b=TMYLkbqFfNjTdy8EVbQTRujFzCoPYENBbIAwQSarDTa/Hz+2ebHmXtLCK5kEQdjkb5 vX2cXTkQZQomp8yAmgEaLYikHdVKHu+1Ic8h0iddT5fy8aMzwWOxMXD3BjV/3W6KGZj0 JYq8HdyQ26EGqVwGz6IQ/xHVZHEkJjCIfiu4vOsYwLPm6U4suCFvxXZ3qpQEtAPKXQcN C+0Qjn1YYJokGpGTvN8NzCSYUOj868mhtN2NVdQgHbJZD1/5xrUfn2Bo1X0KhqhrulYD dnXyGd8KkZlbBRYlIpfWG4NaWzGwfblTdUrPMzj3bapxO5nwhVo7+IQvQI/I5Nq1xNB6 MFCQ== X-Gm-Message-State: AEkoouuzibywUue7JQRklyUpsV/7MiUGcrmqVWOBi/UjGREL5x9BTgOgMZwllLGx81Dbec4AlJTLu23S9iDTGQ== X-Received: by 10.157.1.163 with SMTP id e32mr435583ote.175.1470401296526; Fri, 05 Aug 2016 05:48:16 -0700 (PDT) MIME-Version: 1.0 Sender: charlesportwoodii@ethreal.net Received: by 10.182.191.72 with HTTP; Fri, 5 Aug 2016 05:47:56 -0700 (PDT) X-Originating-IP: [2601:246:100:db51:151c:d844:c7bb:b5dd] Date: Fri, 5 Aug 2016 07:47:56 -0500 X-Google-Sender-Auth: NDMxeR4t_fod0DBEaA5Q2tqiyQ0 Message-ID: To: PHP internals Content-Type: multipart/alternative; boundary=94eb2c09cb82f5097b0539527a9f Subject: [RFC][DISCUSSION] Argon2 Password Hash From: charlesportwoodii@erianna.com ("Charles R. Portwood II") --94eb2c09cb82f5097b0539527a9f Content-Type: text/plain; charset=UTF-8 Hello Internals, Due to a couple issue with the original RFC's scope, the RFC for introducing Argon2 as an alternative hashing algorithm for the password_* functions was closed shortly after starting on Monday. The following details were adjusted. and I would appreciate your feedback before re-opening the vote. - The RFC scope was reduced to only cover inclusion in 7.2. This RFC no longer proposes changes to PASSWORD_DEFAULT in 7.4. - Argon2d is not suitable for password hashing, and has been removed to keep in line with the scope goals of the password_* functions. - The configure flag was changed to --with-argon2 to --with-password-argon2 to further clarify the scope of this RFC. Further rationale for these items is provided in the RFC itself. The RFC is available at: https://wiki.php.net/rfc/argon2_password_hash. Thanks to those who emailed me directly to discuss the matter on Monday, and for your feedback on these changes. *Charles R. Portwood II* --94eb2c09cb82f5097b0539527a9f--