Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:94902
Return-Path: <jared.williams1@ntlworld.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 89539 invoked from network); 7 Aug 2016 16:14:48 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 Aug 2016 16:14:48 -0000
Authentication-Results: pb1.pair.com smtp.mail=jared.williams1@ntlworld.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=jared.williams1@ntlworld.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain ntlworld.com designates 80.0.253.74 as permitted sender)
X-PHP-List-Original-Sender: jared.williams1@ntlworld.com
X-Host-Fingerprint: 80.0.253.74 know-smtprelay-omc-10.server.virginmedia.net  
Received: from [80.0.253.74] ([80.0.253.74:50900] helo=know-smtprelay-omc-10.server.virginmedia.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 2D/63-33134-57E57A75 for <internals@lists.php.net>; Sun, 07 Aug 2016 12:14:46 -0400
Received: from [192.168.1.102] ([81.101.128.161])
	by know-smtprelay-10-imp with bizsmtp
	id UGEi1t00B3V4BlM01GEiXV; Sun, 07 Aug 2016 17:14:42 +0100
X-Originating-IP: [81.101.128.161]
X-Spam: 0
X-Authority: v=2.1 cv=Ha/pNXw8 c=1 sm=1 tr=0 a=F/DkaBmB3CRA5jdVf8OlYA==:117
 a=F/DkaBmB3CRA5jdVf8OlYA==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10
 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=67BIL_jfAAAA:8 a=Ba39IY0s4I6Ioo9f9OwA:9
 a=QEXdDO2ut3YA:10 a=NWVoK91CQySWRX1oVYDe:22 a=NumKjXolQHiPR4xHErVj:22
 a=ECHZyOg0qcRbw4AXGpVj:22
Message-ID: <1470586482.9621.2.camel@ntlworld.com>
To: internals@lists.php.net
Date: Sun, 07 Aug 2016 17:14:42 +0100
In-Reply-To: <CAGC=tRnpka_ym=f-xsskjeiPaqahsTEAxPq9=E8Z73KQKeRrHg@mail.gmail.com>
References: 
	<CAGC=tRnpka_ym=f-xsskjeiPaqahsTEAxPq9=E8Z73KQKeRrHg@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.1 
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: Re: [PHP-DEV] [RFC][DISCUSSION] Argon2 Password Hash
From: jared.williams1@ntlworld.com (Jared Williams)

On Fri, 2016-08-05 at 07:47 -0500, Charles R. Portwood II wrote:
> Hello Internals,
> 
> Due to a couple issue with the original RFC's scope, the RFC for
> introducing Argon2 as an alternative hashing algorithm for the
> password_*
> functions was closed shortly after starting on Monday.
> 
> The following details were adjusted. and I would appreciate your
> feedback
> before re-opening the vote.
> 
>    - The RFC scope was reduced to only cover inclusion in 7.2. This
> RFC no
>    longer proposes changes to PASSWORD_DEFAULT in 7.4.
>    - Argon2d is not suitable for password hashing, and has been
> removed to
>    keep in line with the scope goals of the password_* functions.
>    - The configure flag was changed to --with-argon2 to
>    --with-password-argon2 to further clarify the scope of this RFC.
> 
> Further rationale for these items is provided in the RFC itself.
> 
> The RFC is available at: https://wiki.php.net/rfc/argon2_password_has
> h.
> 
> Thanks to those who emailed me directly to discuss the matter on
> Monday,
> and for your feedback on these changes.
> 
> *Charles R. Portwood II*

Argon2 also supports keyed hashes and associated data, but seen no
mention of either.

Jared