Newsgroups: php.internals
Mailing-List: internals@lists.php.net
Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Argon2 Password Hash
From: Ryan Pallas <derokorian@gmail.com>
Date: Fri, 5 Aug 2016 09:08:14 -0600
To: "Charles R. Portwood II"
Cc: Tom Worster, PHP internals
References: <81b5a129-9c90-0a54-921f-7e1f9b5f727f@thefsb.org>

On Fri, Aug 5, 2016 at 8:49 AM, Charles R. Portwood II <charlesportwoodii@erianna.com> wrote:
> On Fri, Aug 5, 2016 at 9:19 AM, Tom Worster wrote:
> > On 8/5/16 8:47 AM, Charles R. Portwood II wrote:
> >
> > Finally, I wonder if it wouldn't be better if, for the time being, we do not provide default costs constants. Argon2 is new (as crypto algos go) and very early in a gradual introduction in deployments. And it is hard to use because of the three cost factors. Correctly tuning those for different machines is not yet a commonly-understood skill. (You even can find conflicting advice on how to tune Bcrypt's time factor.)
> >
> > If, on the other hand, we omit the constants and require the $options argument then it discourages inexpert users. At the same time it encourages experimentation and understanding of the costs, among those who take an interest, which I think is just what we want.
>
> The rationale for providing defaults is to ensure the password_* functions remain easy to use. Assuming that at some point PASSWORD_ARGON2I (or any new algorithm) would become PASSWORD_DEFAULT, the end user's expectations would be that *password_hash($password, PASSWORD_DEFAULT)* just works, without needing to specify additional arguments.

I think this is the most important part to consider. If you make $options required for this algo, then making this algo the PASSWORD_DEFAULT would mean that it's a backwards-incompatible change, because now all calls to password_hash($password, PASSWORD_DEFAULT) would need to be updated to use an older constant or pass in $options, which I think totally defeats the purpose of the password_hash API. Please keep it so that defaults will work, but $options is available for tuning, as that's how the feature currently works.
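The two usage modes under discussion (defaults only versus explicit $options) and the migration concern Ryan raises, as an added example that is not part of the thread or of the RFC. It assumes a PHP build (7.2 or later) with Argon2 support; the option keys memory_cost, time_cost and threads are the names PHP later shipped for PASSWORD_ARGON2I, and the cost values are illustrative, not a recommendation.

```php
<?php
// Added example: defaults vs. explicit $options with the password_* API,
// plus a login handler that migrates stored hashes when the default moves.
// Assumes PHP 7.2+ built with Argon2 support (PASSWORD_ARGON2I available).
declare(strict_types=1);

$password = 'correct horse battery staple'; // constructed sample secret

// 1. Defaults only: the caller names the algorithm and nothing else, which
//    is what keeps password_hash($p, PASSWORD_DEFAULT) working if the
//    default ever changes to Argon2.
$hashDefault = password_hash($password, PASSWORD_ARGON2I);

// 2. Explicit tuning: the three Argon2 cost factors travel in $options.
//    Illustrative values; a deployment tunes them by timing password_hash()
//    on its own hardware against a per-login latency budget.
$tuned = ['memory_cost' => 1 << 16, 'time_cost' => 4, 'threads' => 2];
$hashTuned = password_hash($password, PASSWORD_ARGON2I, $tuned);

// password_get_info() reports the parameters embedded in a hash, so stored
// hashes can be audited for the costs they were actually produced with.
print_r(password_get_info($hashDefault)['options']);
print_r(password_get_info($hashTuned)['options']);

// 3. Migration path: verify against whatever is stored, then rehash when the
//    stored hash no longer matches the current default algorithm or the
//    application's chosen $options. Callers never have to know which
//    algorithm PASSWORD_DEFAULT currently means.
function verifyAndUpgrade(string $password, string $storedHash, array $options = []): array
{
    if (!password_verify($password, $storedHash)) {
        return ['ok' => false, 'newHash' => null];
    }
    // True for a hash made with a different algorithm than the current
    // default, or with different cost factors than $options.
    if (password_needs_rehash($storedHash, PASSWORD_DEFAULT, $options)) {
        return ['ok' => true, 'newHash' => password_hash($password, PASSWORD_DEFAULT, $options)];
    }
    return ['ok' => true, 'newHash' => null];
}

$result = verifyAndUpgrade($password, $hashDefault);
var_dump($result['ok']);
// newHash is non-null only when the stored hash differs from what
// PASSWORD_DEFAULT with the given $options would produce today.
var_dump($result['newHash'] !== null);
```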