Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:94866 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 33745 invoked from network); 5 Aug 2016 17:51:16 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 5 Aug 2016 17:51:16 -0000 Authentication-Results: pb1.pair.com header.from=me@kelunik.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=me@kelunik.com; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain kelunik.com from 81.169.146.221 cause and error) X-PHP-List-Original-Sender: me@kelunik.com X-Host-Fingerprint: 81.169.146.221 mo4-p00-ob.smtp.rzone.de Received: from [81.169.146.221] ([81.169.146.221:22763] helo=mo4-p00-ob.smtp.rzone.de) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id E0/5F-33134-312D4A75 for ; Fri, 05 Aug 2016 13:51:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1470419472; l=7068; s=domk; d=kelunik.com; h=Content-Type:Cc:To:Subject:Date:From:References:In-Reply-To: MIME-Version; bh=9BVy+Hyr1kxS63qZrJnE8+H+OowFr3Mj4530NLLmlvc=; b=VK+VFMARBzuWKq0mlN4bfEJfr75VyjIIvPIMkaerjLqOuSlXbXKd12YeK9kkGC7yqX8 u/RThY+Z0BS+RmK9UPA8M7AhIAf1qmrW6OqY74UpJucZh98m+rEUynLYphYP6oNry/Q3M KWS8D1UDh97sVDrqz96tL3xYe7OJ15oS/So= X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLGvomb4bl9EfHtO3A6 X-RZG-CLASS-ID: mo00 Received: from mail-wm0-f43.google.com ([74.125.82.43]) by smtp.strato.de (RZmta 38.13 AUTH) with ESMTPSA id 20a3fas75HpCt1q (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp384r1 with 384 ECDH bits, eq. 7680 bits RSA)) (Client did not present a certificate) for ; Fri, 5 Aug 2016 19:51:12 +0200 (CEST) Received: by mail-wm0-f43.google.com with SMTP id f65so40027983wmi.0 for ; Fri, 05 Aug 2016 10:51:12 -0700 (PDT) X-Gm-Message-State: AEkoouttIwVJx5UfsOlFmmo6LDqy/ISIGtbm6il3NSjdrYJPuXXBPRFF68/KqubKXfzfrfziUE1jcLrYcXS4tA== X-Received: by 10.194.184.39 with SMTP id er7mr70035871wjc.159.1470419472190; Fri, 05 Aug 2016 10:51:12 -0700 (PDT) MIME-Version: 1.0 Received: by 10.28.27.206 with HTTP; Fri, 5 Aug 2016 10:51:11 -0700 (PDT) In-Reply-To: References: <81b5a129-9c90-0a54-921f-7e1f9b5f727f@thefsb.org> Date: Fri, 5 Aug 2016 19:51:11 +0200 X-Gmail-Original-Message-ID: Message-ID: To: "Charles R. Portwood II" Cc: Ryan Pallas , Tom Worster , PHP internals Content-Type: multipart/alternative; boundary=047d7ba97a104f9b62053956b632 Subject: Re: [PHP-DEV] Re: [RFC][DISCUSSION] Argon2 Password Hash From: me@kelunik.com (Niklas Keller) --047d7ba97a104f9b62053956b632 Content-Type: text/plain; charset=UTF-8 2016-08-05 18:36 GMT+02:00 Charles R. Portwood II < charlesportwoodii@erianna.com>: > On Fri, Aug 5, 2016 at 10:08 AM, Ryan Pallas wrote: > > > > > > I think this is the most important part to consider. If you make $options > > required for this algo, then making this algo the PASSWORD_DEFAULT would > > mean that its a backwards incompatible change, because now all calls to > > password_hash($password, PASSWORD_DEFAULT) would need to be updated to > use > > an older constant or pass in $options which I think totally defeats the > > purpose of the password_hash API. > > > > Please keep it so that defaults will work, but $options is available for > > tuning as that's how the feature currently works. > > > > > > > The rationale for providing defaults is to ensure the password_* > >> functions remain easy to use. > > > > > > I understand. I was actually suggesting that we deliberately make it > > harder to use! > > > Assuming that at some point PASSWORD_ARGON2I (or any new algorithm) > >> would become PASSWORD_DEFAULT, the end user's expectations would be that > >> password_hash($password, PASSWORD_DEFAULT) just works, without needing > to > >> specify additional arguments. > > > > > > I agree entirely. I'm not against introducing default cost constants. I am > > instead proposing we allow a period of time after introduction of Argon2 > > into PHP before deciding what the default costs should be and define the > > constants at the same time as setting PASSWORD_DEFAULT = > PASSWORD_ARGON2I, > > or possibly before. > > > > Please reread my previous message for the reasons behind this (odd, I > > admit) idea. > > > Hi Tom, > > I understand what you're saying. Ryan said it a bit more clearly than I > did, making the options required causes backwards-incompatible changes to > the password_hash API. That's my real reservation behind not providing > defaults. > > A separate RFC would be needed for 7.4 to make PASSWORD_ARGON2I = > PASSWORD_DEFAULT). If the supplied constants need to be changed for that, I > think that would be the time to do so. I think for now something needs to > be provided to ensure the password_hash API doesn't change. > > On Fri, Aug 5, 2016 at 11:29 AM, Niklas Keller wrote: > > > > Hi Charles, > > > > I'd prefer `memory_cost` and `time_cost` over `m_cost` and `t_cost`. Do > we > > have any reason to use the shorter but less readable names here? > > > > Regards, Niklas > > > > 'm_cost' and 't_cost' is what is used in the reference library. Someone > looking at the reference material would see those names. People knowing the reference library will probably recognize `memory_cost` and `time_cost`, but this is a simple API targeted on a large audience. Most users of it won't know the reference library's internals. Regards, Niklas --047d7ba97a104f9b62053956b632--