Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:99900 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 47232 invoked from network); 18 Jul 2017 14:00:30 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 18 Jul 2017 14:00:30 -0000 Authentication-Results: pb1.pair.com header.from=ocramius@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=ocramius@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.128.182 as permitted sender) X-PHP-List-Original-Sender: ocramius@gmail.com X-Host-Fingerprint: 209.85.128.182 mail-wr0-f182.google.com Received: from [209.85.128.182] ([209.85.128.182:34677] helo=mail-wr0-f182.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 20/D8-02884-E741E695 for ; Tue, 18 Jul 2017 10:00:30 -0400 Received: by mail-wr0-f182.google.com with SMTP id 12so30834142wrb.1 for ; Tue, 18 Jul 2017 07:00:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=BqYxF9ZdYE+AmEhbGneliYFsQc/aAG7ZeJ1m1XbgDZ8=; b=htoQOM4CFRgIjr9iHTCmvrW2E7UKYFe0lOrkWH7V+zMaeHRD6wJc8hrr4ySgTAeA1T mXA2ZwQjNeZQ7ZZl3kDX8PrmO72yhtmEVWJ+uscctSGvVrmay6H83OGMvpnmsPRHwgeA /hrnFgP2uFJszgCbSExZJjXGF6jYbwfWmoydZRc0pXCCCALQr2xWLMzP2cY5yk9QdLPG ehYdR/cbNClWXJtHqUecPeNTvHIPgzUO5SoBMRWT2ka3m/fg9JICobKO8UHQ1o4sAhuL EEz+DvW3GXKSobHWN/V4n7KecBFvgQDK0VN2EzYvYB+hpNxfFbkHUxNO2RJwDrnnGlA/ wAJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=BqYxF9ZdYE+AmEhbGneliYFsQc/aAG7ZeJ1m1XbgDZ8=; b=iAFGKwik40804xSolzm3a0hA9xwrtWQX3lY/nvPmm2huKH3lLtbzIc8ahWJn7AgSym jP7G+GlBtIu11i2nISOXnPJgCrLbTZeL/mWv2hiJQNIFu+HoRyPVA0c4PtJkeVRLXRYN aJC8+eFuGYlSnOpXAhvs33NLvxe4TFtkkp9XG67prFBdu0CWLKSyF28CCL6JbwLlJ3vV VHMvNKfgQ3v2Cuw9wyTeGd4UcCarECGxAU4lDY1uU/tyBx5rq0B10qI8eqP4yqHEHuIR Z7TN1oasWqBIWCAqsbZF9cCLT9qedsTS4+cP9iD/Ql5pYsG/bRYYCSy1eNtIzZSkcNJB 8WUw== X-Gm-Message-State: AIVw111QHYcZoS++zQaNCeALRSMHzEBdQzljpjtJ5ZIeLfvpKZ7zYnLI fdjANgltPTiUkISR0f+YAReRpn49268PdmE= X-Received: by 10.28.9.205 with SMTP id 196mr1915345wmj.126.1500386427483; Tue, 18 Jul 2017 07:00:27 -0700 (PDT) MIME-Version: 1.0 Received: by 10.223.135.186 with HTTP; Tue, 18 Jul 2017 07:00:07 -0700 (PDT) In-Reply-To: <2b801df9-682a-5013-3fd8-d420212c2073@rhsoft.net> References: <14052ebf-efea-cb43-39e0-bdc30e493ff3@genkgo.nl> <2b801df9-682a-5013-3fd8-d420212c2073@rhsoft.net> Date: Tue, 18 Jul 2017 16:00:07 +0200 Message-ID: To: "lists@rhsoft.net" Cc: PHP Internals List Content-Type: multipart/alternative; boundary="001a11442fce093e52055497f02e" Subject: Re: [PHP-DEV] [RFC] samesite cookie implementation From: ocramius@gmail.com (Marco Pivetta) --001a11442fce093e52055497f02e Content-Type: text/plain; charset="UTF-8" On Tue, Jul 18, 2017 at 3:50 PM, lists@rhsoft.net wrote: > i don't share your optinion, especially talking about 'should be > deprecated' where i get the feeling some peoples hobby is deprecate working > things > > comparing cookie params with encryption is hopefully just kidding > It could be a "hello world" function - same stuff. Also, yes, cookies are as security-sensitive stuff as crypto, if not often more (since crypto is usually handled at webserver level, and direct usage of openssl is more "rare") Marco Pivetta http://twitter.com/Ocramius http://ocramius.github.com/ --001a11442fce093e52055497f02e--